Refactor sprint planning docs and add templates
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Updated AGENTS.md with implementation planning conventions and stream index. Refactored SPRINT_110_ingestion_evidence.md, SPRINT_125_mirror.md, and SPRINT_300_documentation_process.md to use a topic-oriented template, clarify dependencies, task boards, and checkpoint structure. Archived previous sprint details and added new templates and status snapshot files to docs/implplan.
This commit is contained in:
master
46
AGENTS.md
46
AGENTS.md
@@ -224,3 +224,49 @@ You main characteristics:
|
||||
- 3. Keep changes deterministic (stable ordering, timestamps, hashes) and align with offline/air-gap expectations.
|
||||
- 4. Coordinate doc updates, tests, and cross-guild communication whenever contracts or workflows change.
|
||||
- 5. Revert to `TODO` if you pause the task without shipping changes; leave notes in commit/PR descriptions for context.
|
||||
|
||||
## 6) Implementation Planning Overview
|
||||
|
||||
The implementation plan lives under `docs/implplan`. Follow these conventions whenever you touch sprint artefacts.
|
||||
|
||||
- **Numbering & concurrency**
|
||||
- Sprint files use the pattern `SPRINT_<decade><unit>_<topic>.md`.
|
||||
- The **decade** (110s, 120s, …) identifies a delivery stream. Streams can execute in parallel.
|
||||
- Numbers inside the same decade (e.g. `110`–`119`) **must not depend on each other**; they are intentionally concurrency-safe once upstream decades have landed.
|
||||
- Multi-phase work keeps the decade and adds suffixes (`_i`, `_ii`, …) while preserving the no-intra-decade-dependency rule.
|
||||
- **Required sections per sprint file**
|
||||
1. `## Topic & Scope`
|
||||
2. `## Dependencies & Concurrency`
|
||||
3. `## Documentation Prerequisites`
|
||||
4. `## Task Board` (single table with `Task ID`, `Status`, `Owner(s)`, `Dependencies`, `Notes`)
|
||||
5. `## Execution Log`
|
||||
6. `## Decisions & Risks`
|
||||
7. `## Next Checkpoints`
|
||||
- Optional deep dives go into `docs/implplan/archived/` or linked supplements to keep sprint files concise.
|
||||
- **Updating sprint status**
|
||||
- Flip the relevant row to `DOING` as soon as you start and keep the parent stream tracker in sync (e.g. Sprint 300 for Docs).
|
||||
- Revert to `TODO` with a log entry if you pause mid-work.
|
||||
- Mark `DONE (YYYY-MM-DD)` and capture validation evidence in the execution log when closing work.
|
||||
- **Creating new sprints**
|
||||
1. Copy `docs/implplan/templates/sprint-template.md` to `docs/implplan/SPRINT_<id>_<topic>.md`.
|
||||
2. Update headings, scope, dependencies, and seed the initial task board.
|
||||
3. Register the sprint in the stream index below and any parent tracker.
|
||||
- **Stream index (update when scopes change)**
|
||||
|
||||
| Decade | Stream | Notes |
|
||||
| --- | --- | --- |
|
||||
| 110s | Ingestion & Evidence | Advisory AI, Concelier, Excititor, Mirror. |
|
||||
| 120s | Policy & Reasoning | Findings ledger, policy evaluation, provenance. |
|
||||
| 130s | Scanner Surface | Scanner surface hardening and deterministic compose. |
|
||||
| 140s | Signals & Graph | Runtime signals, graph enrichment, Zastava. |
|
||||
| 150s | Orchestration & Scheduling | Scheduler, orchestrator, automation packs. |
|
||||
| 160s | Evidence & Export | Export Center, Evidence Locker, timeline indexer. |
|
||||
| 170s | Notifications & Telemetry | Notify stack and telemetry improvements. |
|
||||
| 180s | Replay Foundations | Deterministic replay primitives and evidence locker integration. |
|
||||
| 200s | Experience SDKs & CLI | CLI, SDKs, dev portal, experience alignment. |
|
||||
| 210s | UI & Web | Console SPA and web surfaces. |
|
||||
| 300s | Documentation Process | Docs process ladder and per-module dossiers. |
|
||||
| 400s | Reachability & Runtime Evidence | Runtime callgraph union and reachability evidence chain. |
|
||||
| 500s | Ops & Air-gap | Offline modes, deployment, samples, sovereign crypto. |
|
||||
|
||||
Keep this index synchronized any time new sprints are added or re-scoped.
|
||||
|
||||
@@ -1,242 +1,81 @@
|
||||
# Sprint 110 - Ingestion & Evidence
|
||||
# Sprint 110 · Ingestion & Evidence
|
||||
|
||||
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
|
||||
## Topic & Scope
|
||||
- Finalise Advisory AI guardrail evidence (docs, SBOM feeds, policy knobs) while keeping customer rollout unblocked.
|
||||
- Land Concelier structured caching + telemetry so Link-Not-Merge schemas can feed downstream consoles, air-gap bundles, and attestations.
|
||||
- Prepare Excititor chunk API, telemetry, and attestation contracts for deterministic VEX evidence delivery.
|
||||
- Staff and kick off the Mirror assembler so deterministic bundles, DSSE/TUF metadata, and CLI/Export Center automation can start.
|
||||
|
||||
## Wave coordination
|
||||
## Dependencies & Concurrency
|
||||
- Upstream: Sprint 100.A (Attestor) must remain green; Excititor/Concelier depend on Link-Not-Merge schema set (`CONCELIER-LNM-21-*`, `CARTO-GRAPH-21-002`). Advisory AI docs require SBOM/CLI/Policy/DevOps deliverables (`SBOM-AIAI-31-001`, `CLI-VULN-29-001`, `CLI-VEX-30-001`, `POLICY-ENGINE-31-001`, `DEVOPS-AIAI-31-001`).
|
||||
- Sprint 110 peers (111–119 range) stay independent; no intra-decade dependencies are permitted.
|
||||
- Evidence Locker contract and Mirror staffing decisions affect Excititor attestation work and Mirror tracks respectively.
|
||||
|
||||
| Wave | Guild owners | Shared prerequisites | Status | Notes |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| 110.A AdvisoryAI | Advisory AI Guild · Docs Guild · SBOM Service Guild | Sprint 100.A – Attestor (closed 2025-11-09 per `docs/implplan/archived/SPRINT_100_identity_signing.md`) | DOING | Guardrail regression suite (AIAI-31-009) closed 2025-11-12 with the new `AdvisoryAI:Guardrails` configuration; console doc (DOCS-AIAI-31-004) remains DOING while SBOM/CLI/Policy/DevOps dependencies unblock screenshots/runbook work. |
|
||||
| 110.B Concelier | Concelier Core & WebService Guilds · Observability Guild · AirGap Guilds (Importer/Policy/Time) | Sprint 100.A – Attestor | DOING | Paragraph chunk API shipped 2025-11-07; structured field/caching (CONCELIER-AIAI-31-002) is mid-implementation, telemetry (CONCELIER-AIAI-31-003) closed 2025-11-12, and air-gap/console/attestation tracks are held by Link-Not-Merge + Cartographer schema. |
|
||||
| 110.C Excititor | Excititor WebService/Core Guilds · Observability Guild · Evidence Locker Guild | Sprint 100.A – Attestor | DOING | Normalized justification projections (EXCITITOR-AIAI-31-001) landed; chunk API, telemetry, docs, attestation, and mirror backlog stay queued behind Link-Not-Merge / Evidence Locker prerequisites. |
|
||||
| 110.D Mirror | Mirror Creator Guild · Exporter Guild · CLI Guild · AirGap Time Guild | Sprint 100.A – Attestor | TODO | Wave remains TODO—MIRROR-CRT-56-001 has no owner, so DSSE/TUF, OCI/time-anchor, CLI, and scheduling integrations cannot proceed. |
|
||||
## Documentation Prerequisites
|
||||
- `docs/modules/advisory-ai/architecture.md`
|
||||
- `docs/modules/concelier/architecture.md`
|
||||
- `docs/modules/excititor/architecture.md`
|
||||
- `docs/modules/export-center/architecture.md`
|
||||
- `docs/modules/airgap/architecture.md` (timeline + bundle requirements)
|
||||
|
||||
## Status snapshot (2025-11-13)
|
||||
## Task Board
|
||||
| Wave | Task ID | Status | Owner(s) | Dependencies | Notes |
|
||||
| --- | --- | --- | --- | --- | --- |
|
||||
| 110.A Advisory AI | DOCS-AIAI-31-004 | DOING | Docs Guild · Console Guild | CONSOLE-VULN-29-001; CONSOLE-VEX-30-001; SBOM-AIAI-31-001/003 | Guardrail console doc drafted; screenshots + SBOM evidence pending. |
|
||||
| 110.A Advisory AI | AIAI-31-009 | DONE (2025-11-12) | Advisory AI Guild | — | Regression suite + `AdvisoryAI:Guardrails` config landed with perf budgets. |
|
||||
| 110.A Advisory AI | AIAI-31-008 | TODO | Advisory AI Guild | AIAI-31-006; AIAI-31-007 | Remote inference packaging queued behind policy knob work. |
|
||||
| 110.A Advisory AI | SBOM-AIAI-31-003 | BLOCKED | SBOM Service Guild | SBOM-AIAI-31-001; CLI-VULN-29-001; CLI-VEX-30-001 | Needs SBOM delta kit + CLI deliverables before validation can proceed. |
|
||||
| 110.A Advisory AI | DOCS-AIAI-31-005/006/008/009 | BLOCKED | Docs Guild | DOCS-AIAI-31-004; CLI-VULN-29-001; CLI-VEX-30-001; POLICY-ENGINE-31-001; DEVOPS-AIAI-31-001 | CLI/policy/ops docs paused pending upstream artefacts. |
|
||||
| 110.B Concelier | CONCELIER-AIAI-31-002 | DOING | Concelier Core · Concelier WebService Guilds | CONCELIER-GRAPH-21-001/002; CARTO-GRAPH-21-002 | Structured field/caching implementation gated on schema approval. |
|
||||
| 110.B Concelier | CONCELIER-AIAI-31-003 | DONE (2025-11-12) | Concelier Observability Guild | — | Telemetry counters/histograms live for Advisory AI dashboards. |
|
||||
| 110.B Concelier | CONCELIER-AIRGAP-56-001..58-001 | TODO | Concelier Core · AirGap Guilds | Link-Not-Merge schema; Evidence Locker attestation contract | Air-gap bundles waiting on stable schema + attestation payloads. |
|
||||
| 110.B Concelier | CONCELIER-CONSOLE-23-001..003 | TODO | Concelier Console Guild | Link-Not-Merge schema | Console overlays blocked until schema signed off. |
|
||||
| 110.B Concelier | CONCELIER-ATTEST-73-001/002 | TODO | Concelier Core · Evidence Locker Guild | CONCELIER-AIAI-31-002; Evidence Locker contract | Attestation metadata wiring follows structured caching. |
|
||||
| 110.B Concelier | FEEDCONN-ICSCISA-02-012 / FEEDCONN-KISA-02-008 | BLOCKED | Concelier Feed Owners | Feed owner remediation plan | Overdue provenance refreshes require schedule from feed owners. |
|
||||
| 110.C Excititor | EXCITITOR-AIAI-31-001 | DONE (2025-11-09) | Excititor Web/Core Guilds | — | Normalised VEX justification projections shipped. |
|
||||
| 110.C Excititor | EXCITITOR-AIAI-31-002 | TODO | Excititor Web/Core Guilds | Link-Not-Merge schema; Evidence Locker contract | Chunk API waiting on schema + ingest agreements. |
|
||||
| 110.C Excititor | EXCITITOR-AIAI-31-003 | TODO | Excititor Observability Guild | EXCITITOR-AIAI-31-002 | Telemetry/guardrail metrics follow chunk API. |
|
||||
| 110.C Excititor | EXCITITOR-AIAI-31-004 | TODO | Docs Guild · Excititor Guild | EXCITITOR-AIAI-31-002 | Docs/OpenAPI alignment queued behind chunk API finalisation. |
|
||||
| 110.C Excititor | EXCITITOR-ATTEST-01-003 / 73-001 / 73-002 | TODO | Excititor Guild · Evidence Locker Guild | EXCITITOR-AIAI-31-002; Evidence Locker contract | Attestation payload ordering awaiting sequencing session. |
|
||||
| 110.C Excititor | EXCITITOR-AIRGAP-56/57/58 · EXCITITOR-CONN-TRUST-01-001 | TODO | Excititor Guild · AirGap Guilds | Link-Not-Merge schema; attestation plan | Air-gap + connector parity depend on schema + attestation readiness. |
|
||||
| 110.D Mirror | MIRROR-CRT-56-001 | TODO | Mirror Creator Guild | Staffing decision | Deterministic assembler has no owner; kickoff rescheduled to 2025-11-15. |
|
||||
| 110.D Mirror | MIRROR-CRT-56-002 | TODO | Mirror Creator · Security Guilds | MIRROR-CRT-56-001; PROV-OBS-53-001 | DSSE/TUF metadata follows assembler baseline. |
|
||||
| 110.D Mirror | MIRROR-CRT-57-001/002 | TODO | Mirror Creator Guild · AirGap Time Guild | MIRROR-CRT-56-001; AIRGAP-TIME-57-001 | OCI/time-anchor workstreams blocked pending assembler + time contract. |
|
||||
| 110.D Mirror | MIRROR-CRT-58-001/002 | TODO | Mirror Creator Guild · CLI Guild · Exporter Guild | MIRROR-CRT-56-001; EXPORT-OBS-54-001; CLI-AIRGAP-56-001 | CLI + Export automation depends on assembler and DSSE/TUF track. |
|
||||
| 110.D Mirror | EXPORT-OBS-51-001 / 54-001 · AIRGAP-TIME-57-001 · CLI-AIRGAP-56-001 · PROV-OBS-53-001 | TODO | Exporter Guild · AirGap Time Guild · CLI Guild | MIRROR-CRT-56-001 staffing | Downstream automation awaiting assembler staffing outcome. |
|
||||
|
||||
- **Advisory AI (110.A)** – Guardrail regression suite AIAI-31-009 closed on 2025-11-12 with the `AdvisoryAI:Guardrails` binding and sub-400 ms batch budgets; DOCS-AIAI-31-004 is the lone DOING item, blocked on Console screenshots (CONSOLE-VULN-29-001 / CONSOLE-VEX-30-001) plus SBOM evidence. SBOM-AIAI-31-003 and DOCS-AIAI-31-005/006/008/009 stay BLOCKED until SBOM-AIAI-31-001, CLI-VULN-29-001, CLI-VEX-30-001, POLICY-ENGINE-31-001, and DEVOPS-AIAI-31-001 land (ETAs requested for 2025-11-14).
|
||||
- **Concelier (110.B)** – Paragraph chunk API shipped on 2025-11-07 and telemetry (CONCELIER-AIAI-31-003) landed 2025-11-12; structured field/caching (CONCELIER-AIAI-31-002) is DOING but cannot release until Link-Not-Merge plus Cartographer schema (`CARTO-GRAPH-21-002`) finalize. Air-gap (CONCELIER-AIRGAP-56..58), console (CONCELIER-CONSOLE-23-001..003), attestation (CONCELIER-ATTEST-73-001/002), and overdue connector refreshes (FEEDCONN-ICSCISA-02-012 / FEEDCONN-KISA-02-008) remain TODO.
|
||||
- **Excititor (110.C)** – Normalized VEX justifications (EXCITITOR-AIAI-31-001) are live; chunk API, telemetry, docs, attestation, air-gap, and connector parity tracks (EXCITITOR-AIAI-31-002/003/004, `EXCITITOR-ATTEST-*`, `EXCITITOR-AIRGAP-*`, `EXCITITOR-CONN-TRUST-01-001`) are queued behind the same Link-Not-Merge schema plus Evidence Locker contract.
|
||||
- **Mirror (110.D)** – MIRROR-CRT-56-001 still lacks an owner, so DSSE/TUF, OCI/time-anchor, CLI, Export Center, and AirGap Time integrations (MIRROR-CRT-56/57/58, EXPORT-OBS-51/54, AIRGAP-TIME-57-001) cannot start; kickoff moved to 2025-11-15 unless staffing is resolved sooner.
|
||||
|
||||
### Wave health (RAG snapshot)
|
||||
|
||||
| Wave | Health | Drivers |
|
||||
## Execution Log
|
||||
| Date (UTC) | Update | Owner |
|
||||
| --- | --- | --- |
|
||||
| 110.A AdvisoryAI | 🔶 Watching | Only DOCS-AIAI-31-004 is active; waiting on SBOM/CLI/Policy/DevOps ETAs to restart remaining doc/SBOM tasks. |
|
||||
| 110.B Concelier | 🔶 Watching | Structured caching is in-flight but Link-Not-Merge schema + connector refreshes remain unresolved. |
|
||||
| 110.C Excititor | 🔶 Watching | Downstream work entirely gated by Link-Not-Merge + Evidence Locker contract; ready to move once schemas approved. |
|
||||
| 110.D Mirror | 🔴 Blocked | MIRROR-CRT-56-001 still unstaffed; kickoff on 2025-11-15 must assign owner or sprint slips. |
|
||||
|
||||
### Wave task tracker (refreshed 2025-11-13)
|
||||
|
||||
#### 110.A AdvisoryAI
|
||||
|
||||
| Task ID | State | Notes |
|
||||
| --- | --- | --- |
|
||||
| DOCS-AIAI-31-004 | DOING | Console guardrail doc drafted; screenshots/runbook copy blocked on CONSOLE-VULN-29-001, CONSOLE-VEX-30-001, and SBOM evidence feeds. |
|
||||
| AIAI-31-009 | DONE (2025-11-12) | Guardrail regression suite + `AdvisoryAI:Guardrails` config binding merged with perf budgets. |
|
||||
| AIAI-31-008 | TODO | Remote inference packaging waits on policy knobs (AIAI-31-006/007). |
|
||||
| SBOM-AIAI-31-003 | BLOCKED | Needs SBOM-AIAI-31-001 outputs plus CLI-VULN/CLI-VEX deliverables. |
|
||||
| DOCS-AIAI-31-005/006/008/009 | BLOCKED | Await SBOM/CLI/Policy/DevOps artifacts listed above. |
|
||||
|
||||
#### 110.B Concelier
|
||||
|
||||
| Task ID | State | Notes |
|
||||
| --- | --- | --- |
|
||||
| CONCELIER-AIAI-31-002 | DOING | Structured field/caching implementation underway; blocked on Link-Not-Merge schema + CARTO-GRAPH-21-002. |
|
||||
| CONCELIER-AIAI-31-003 | DONE (2025-11-12) | Telemetry counters/histograms live for Advisory AI dashboards. |
|
||||
| CONCELIER-AIRGAP-56-001..58-001 | TODO | Air-gap bundles waiting on schema + attestation payloads. |
|
||||
| CONCELIER-CONSOLE-23-001..003 | TODO | Console overlays blocked by Link-Not-Merge delivery. |
|
||||
| CONCELIER-ATTEST-73-001/002 | TODO | Attestation metadata wiring queued behind structured caching. |
|
||||
| FEEDCONN-ICSCISA-02-012 / FEEDCONN-KISA-02-008 | BLOCKED | Connector provenance refreshes overdue; need feed owner schedule. |
|
||||
|
||||
#### 110.C Excititor
|
||||
|
||||
| Task ID | State | Notes |
|
||||
| --- | --- | --- |
|
||||
| EXCITITOR-AIAI-31-001 | DONE (2025-11-09) | Normalized VEX justification projections live at `/v1/vex/observations/{vulnerabilityId}/{productKey}`. |
|
||||
| EXCITITOR-AIAI-31-002 | TODO | Chunk API pending Link-Not-Merge schema + Evidence Locker ingest plan. |
|
||||
| EXCITITOR-AIAI-31-003 | TODO | Telemetry/guardrail instrumentation blocked on chunk schema readiness. |
|
||||
| EXCITITOR-AIAI-31-004 | TODO | Docs/OpenAPI alignment follows chunk API. |
|
||||
| EXCITITOR-ATTEST-01-003 / 73-001 / 73-002 | TODO | Attestation payload work waiting on chunk normalization + Evidence Locker scope. |
|
||||
| EXCITITOR-AIRGAP-56/57/58 · EXCITITOR-CONN-TRUST-01-001 | TODO | Air-gap + connector parity require Link-Not-Merge + attestation readiness. |
|
||||
|
||||
#### 110.D Mirror
|
||||
|
||||
| Task ID | State | Notes |
|
||||
| --- | --- | --- |
|
||||
| MIRROR-CRT-56-001 | TODO | Deterministic assembler lacks owner; kickoff reset to 2025-11-15. |
|
||||
| MIRROR-CRT-56-002 | TODO | DSSE/TUF design blocked on MIRROR-CRT-56-001 code path. |
|
||||
| MIRROR-CRT-57-001/002 | TODO | OCI/time-anchor workstreams depend on assembler completion. |
|
||||
| MIRROR-CRT-58-001/002 | TODO | Export/CLI automation waiting on MIRROR-CRT-56-001. |
|
||||
| EXPORT-OBS-51-001 / 54-001 · AIRGAP-TIME-57-001 · CLI-AIRGAP-56-001 · PROV-OBS-53-001 | TODO | Require assembler baseline and staffing commitments. |
|
||||
|
||||
### In-flight focus (DOING items)
|
||||
|
||||
| Task ID | Remaining work | Blockers | Target date | Owners |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| DOCS-AIAI-31-004 | Capture Console screenshots + guardrail ribbon copy, finalize runbook text. | CONSOLE-VULN-29-001 / CONSOLE-VEX-30-001 outputs; SBOM evidence feeds. | 2025-11-15 | Docs Guild · Advisory AI Guild |
|
||||
| CONCELIER-AIAI-31-002 | Implement structured field/caching API + regression fixtures. | Link-Not-Merge schema (`CONCELIER-GRAPH-21-001/002`, `CARTO-GRAPH-21-002`). | 2025-11-16 | Concelier Core · Concelier WebService Guilds |
|
||||
| CONCELIER-GRAPH-21-001/002 · CARTO-GRAPH-21-002 | Finalize projection schema + change events, publish migration guide. | Cross-guild review on 2025-11-14. | 2025-11-14 | Concelier Core · Cartographer Guild · SBOM Service Guild |
|
||||
| MIRROR-CRT-56-001 staffing | Assign engineering owner, scope kickoff, and start assembler implementation. | Needs Mirror/Exporter/AirGap leadership approval. | 2025-11-15 | Mirror Creator Guild · Exporter Guild |
|
||||
|
||||
### Dependency status watchlist (2025-11-13)
|
||||
|
||||
| Dependency | Status | Impacted work | Owner(s) / follow-up |
|
||||
| --- | --- | --- | --- |
|
||||
| SBOM/CLI/Policy/DevOps deliverables (SBOM-AIAI-31-001/003, CLI-VULN-29-001, CLI-VEX-30-001, POLICY-ENGINE-31-001, DEVOPS-AIAI-31-001) | ETAs requested for 2025-11-14. | DOCS-AIAI-31-004/005/006/008/009, SBOM-AIAI-31-003, AIAI-31-008. | SBOM Service · CLI · Policy · DevOps guilds |
|
||||
| Link-Not-Merge schema (CONCELIER-LNM-21-001..003, CONCELIER-GRAPH-21-001/002, CARTO-GRAPH-21-002) | Review on 2025-11-14. | CONCELIER-AIAI-31-002, CONCELIER-AIRGAP-56..58, EXCITITOR-AIAI-31-002/003/004, EXCITITOR-ATTEST-*, Mirror consumers. | Concelier Core · Cartographer Guild · Platform Events Guild |
|
||||
| Connector refreshes (FEEDCONN-ICSCISA-02-012 / FEEDCONN-KISA-02-008) | Overdue since 2025-10-23/24. | Advisory AI feed coverage + telemetry accuracy. | Concelier Feed Owners |
|
||||
| MIRROR-CRT-56-001 staffing | Owner not yet assigned; kickoff moved to 2025-11-15. | Entire Mirror wave + Export Center + AirGap Time work. | Mirror Creator Guild · Exporter Guild · AirGap Time Guild |
|
||||
| Evidence Locker attestation contract | Drafting; needs Excititor + Concelier alignment. | EXCITITOR-ATTEST-* and CONCELIER-ATTEST-73-001/002. | Evidence Locker Guild · Excititor Guild · Concelier Guild |
|
||||
|
||||
### Upcoming checkpoints (2025-11-13 → 2025-11-15)
|
||||
|
||||
| Date (UTC) | Session | Goal / expected exit | Impacted wave(s) | Prep owner(s) |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| 2025-11-14 | Advisory AI customer surfaces follow-up | Capture SBOM/CLI/Policy/DevOps ETAs so DOCS-AIAI backlog can resume. | 110.A | Advisory AI · SBOM · CLI · Policy · DevOps guild leads |
|
||||
| 2025-11-14 | Link-Not-Merge schema review | Approve CARTO-GRAPH-21-002 + CONCELIER-GRAPH-21-001/002 payloads, document migration. | 110.B · 110.C | Concelier Core · Cartographer Guild · SBOM Service Guild |
|
||||
| 2025-11-15 | Excititor attestation sequencing | Sequence EXCITITOR-AIAI-31-002/003 and slot EXCITITOR-ATTEST-01-003 / 73-001 / 73-002 with Evidence Locker. | 110.C | Excititor Web/Core · Evidence Locker Guild |
|
||||
| 2025-11-15 | Mirror evidence kickoff | Assign MIRROR-CRT-56-001 owner, confirm EXPORT-OBS/AIRGAP-TIME staffing, outline DSSE/TUF + OCI milestones. | 110.D | Mirror Creator · Exporter · AirGap Time · Security guilds |
|
||||
|
||||
### Meeting prep checklist
|
||||
|
||||
| Session | Pre-reads / artifacts | Open questions | Prep owner(s) |
|
||||
| --- | --- | --- | --- |
|
||||
| Advisory AI customer surfaces (2025-11-14) | SBOM-AIAI-31-001 projection draft, CLI-VULN/CLI-VEX scope notes, POLICY-ENGINE-31-001 knob proposal, DEVOPS-AIAI-31-001 runbook outline. | Exact delivery dates for each artifact? Any blockers requiring interim screenshots or mock SBOM data? | Advisory AI Guild · SBOM Service · CLI · Policy · DevOps guilds |
|
||||
| Link-Not-Merge schema review (2025-11-14) | Latest `CONCELIER-GRAPH-21-001/002` + `CARTO-GRAPH-21-002` payloads, migration guide draft, event contract examples. | Are there unresolved fields/tenant tags? How will backfill/replay be handled? Do Advisory AI consumers need an adapter? | Concelier Core · Cartographer Guild · SBOM Service Guild · Platform Events Guild |
|
||||
| Excititor attestation sequencing (2025-11-15) | EXCITITOR-AIAI-31-002/003 design notes, Evidence Locker contract draft, attestation backlog order (`EXCITITOR-ATTEST-*`). | Which attestation payload ships first? What telemetry/rollout gates are required? How will Evidence Locker validate manifests? | Excititor Web/Core · Evidence Locker Guild |
|
||||
| Mirror evidence kickoff (2025-11-15) | MIRROR-CRT-56-001 scope brief, EXPORT-OBS-51/54 staffing plan, AIRGAP-TIME-57-001 requirements, DSSE/TUF design outline. | Who owns MIRROR-CRT-56-001? Can Export/AirGap lend engineers immediately? Do we need interim manual bundles before assembler lands? | Mirror Creator · Exporter · AirGap Time · Security guilds |
|
||||
|
||||
### Target outcomes (through 2025-11-15)
|
||||
|
||||
| Deliverable | Target date | Status | Dependencies / notes |
|
||||
| --- | --- | --- | --- |
|
||||
| DOCS-AIAI-31-004 publication | 2025-11-15 | DOING | Needs Console screenshots + SBOM feeds once SBOM/CLI ETAs are confirmed. |
|
||||
| SBOM/CLI/Policy/DevOps ETA commitments | 2025-11-14 | PENDING | Advisory AI follow-up must end with written delivery dates. |
|
||||
| Link-Not-Merge schema approval | 2025-11-14 | PENDING | Requires agreement on CONCELIER-GRAPH-21-001/002 + CARTO-GRAPH-21-002 payloads. |
|
||||
| Excititor attestation sequencing plan | 2025-11-15 | PENDING | Dependent on Evidence Locker contract + attestation backlog ordering. |
|
||||
| MIRROR-CRT-56-001 owner assignment | 2025-11-15 | PENDING | Must exit kickoff with named engineer + sprint scope. |
|
||||
|
||||
### Awaiting updates (blocking follow-ups)
|
||||
|
||||
| Update needed | Why it matters | Requested from | When requested |
|
||||
| --- | --- | --- | --- |
|
||||
| Written SBOM-AIAI-31-001/003, CLI-VULN-29-001, CLI-VEX-30-001, POLICY-ENGINE-31-001, DEVOPS-AIAI-31-001 ETAs | Unblocks DOCS-AIAI-31-004/005/006/008/009 and SBOM-AIAI-31-003 | SBOM Service, CLI, Policy, DevOps guild leads | 2025-11-13 stand-up |
|
||||
| Confirmation that Link-Not-Merge pre-read comments are resolved | Determines whether schema can be approved on 2025-11-14 | Concelier Core · Cartographer Guild · SBOM Service Guild | 2025-11-13 meeting prep |
|
||||
| Evidence Locker sign-off on attestation contract draft | Required before Excititor attestation sequencing on 2025-11-15 | Evidence Locker Guild | 2025-11-13 |
|
||||
| Mirror/Exporter leadership agreement on MIRROR-CRT-56-001 owner | Without it, the 2025-11-15 kickoff has no accountable engineer | Mirror Creator Guild · Exporter Guild · AirGap Time Guild | 2025-11-13 |
|
||||
|
||||
### Pre-read distribution status (as of 2025-11-13 22:31 UTC)
|
||||
|
||||
| Session | Pre-read packet | Status | Owner(s) |
|
||||
| --- | --- | --- | --- |
|
||||
| Advisory AI follow-up (2025-11-14) | SBOM kit draft + CLI/Policy/DevOps notes | Docs compiled; waiting for guild leads to append ETA fields before sharing. | Advisory AI Guild |
|
||||
| Link-Not-Merge review (2025-11-14) | Schema redlines + migration doc | Circulated to Concelier/Cartographer/SBOM; comments due morning of 2025-11-14. | Concelier Core · Cartographer Guild |
|
||||
| Excititor attestation sequencing (2025-11-15) | Evidence Locker contract draft + backlog order | Draft complete; Evidence Locker reviewing telemetry requirements. | Excititor Web/Core · Evidence Locker Guild |
|
||||
| Mirror kickoff (2025-11-15) | MIRROR-CRT-56-001 scope brief + staffing proposal | Outline sent to Mirror/Exporter leadership; pending confirmation of available engineers. | Mirror Creator Guild · Exporter Guild |
|
||||
|
||||
### Decisions needed (before 2025-11-15)
|
||||
| 2025-11-13 | Refreshed wave tracker, decisions, and contingency plan ahead of 14–15 Nov checkpoints; outstanding asks: SBOM/CLI/Policy/DevOps ETAs, Link-Not-Merge approval, Mirror staffing. | Sprint 110 leads |
|
||||
| 2025-11-09 | Captured initial wave scope, interlocks, and risks covering SBOM/CLI/Policy/DevOps artefacts, Link-Not-Merge schemas, Excititor justification backlog, and Mirror assembler commitments. | Sprint 110 leads |
|
||||
|
||||
## Decisions & Risks
|
||||
### Decisions in flight
|
||||
| Decision | Blocking work | Accountable owner(s) | Due date |
|
||||
| --- | --- | --- | --- |
|
||||
| Provide SBOM/CLI/Policy/DevOps delivery dates | DOCS-AIAI-31-004/005/006/008/009, SBOM-AIAI-31-003, AIAI-31-008 | SBOM Service · CLI · Policy · DevOps guilds | 2025-11-14 |
|
||||
| Approve Link-Not-Merge + CARTO schema | CONCELIER-AIAI-31-002, EXCITITOR-AIAI-31-002/003/004, air-gap + attestation tasks | Concelier Core · Cartographer Guild · SBOM Service Guild | 2025-11-14 |
|
||||
| Assign MIRROR-CRT-56-001 owner | All Mirror/Export/AirGap downstream work | Mirror Creator Guild · Exporter Guild · AirGap Time Guild | 2025-11-15 |
|
||||
| Confirm Evidence Locker attestation scope | EXCITITOR-ATTEST-* and CONCELIER-ATTEST-73-001/002 | Evidence Locker Guild · Excititor Guild · Concelier Guild | 2025-11-15 |
|
||||
| Confirm SBOM/CLI/Policy/DevOps delivery dates | DOCS-AIAI backlog, SBOM-AIAI-31-003, AIAI-31-008 | SBOM Service · CLI · Policy · DevOps guild leads | 2025-11-14 |
|
||||
| Approve Link-Not-Merge schema (CONCELIER-GRAPH-21-001/002, CARTO-GRAPH-21-002) | CONCELIER-AIAI-31-002, EXCITITOR-AIAI-31-002/003/004, air-gap + attestation tasks | Concelier Core · Cartographer Guild · SBOM Service Guild | 2025-11-14 |
|
||||
| Assign MIRROR-CRT-56-001 owner | Entire Mirror wave + Export Center + AirGap Time automation | Mirror Creator Guild · Exporter Guild · AirGap Time Guild | 2025-11-15 |
|
||||
| Evidence Locker attestation scope sign-off | EXCITITOR-ATTEST-01-003/73-001/73-002; CONCELIER-ATTEST-73-001/002 | Evidence Locker Guild · Excititor Guild · Concelier Guild | 2025-11-15 |
|
||||
| Approve DOCS-AIAI-31-004 screenshot plan | Publication of console guardrail doc | Docs Guild · Console Guild | 2025-11-15 |
|
||||
|
||||
### Action item tracker (status as of 2025-11-13)
|
||||
|
||||
| Item | Status | Next step | Owner(s) | Due |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| SBOM-AIAI-31-001 projection kit | Pending ETA | Provide delivery date + artifact checklist during 2025-11-14 call. | SBOM Service Guild | 2025-11-14 |
|
||||
| CLI-VULN-29-001 / CLI-VEX-30-001 scope alignment | In progress | Confirm parameter set + release vehicle to unblock docs. | CLI Guild | 2025-11-14 |
|
||||
| POLICY-ENGINE-31-001 guardrail knob | Drafting | Share config snippet + rollout plan with Advisory AI. | Policy Guild | 2025-11-14 |
|
||||
| DEVOPS-AIAI-31-001 deployment runbooks | Not started | Outline automation coverage and ops checklist. | DevOps Guild | 2025-11-15 |
|
||||
| Link-Not-Merge schema redlines | Circulated | Sign off during 2025-11-14 review, publish migration notes. | Concelier Core · Cartographer Guild · SBOM Service Guild | 2025-11-14 |
|
||||
| MIRROR-CRT-56-001 staffing plan | Not started | Name owner + confirm initial sprint scope. | Mirror Creator Guild · Exporter Guild | 2025-11-15 |
|
||||
|
||||
### Standup agenda (2025-11-13)
|
||||
|
||||
| Track | Questions to cover | Owner ready to report |
|
||||
| --- | --- | --- |
|
||||
| 110.A Advisory AI | Are SBOM/CLI/Policy/DevOps guilds ready to commit ETAs so DOCS-AIAI backlog can resume? | Advisory AI Guild · Docs Guild |
|
||||
| 110.B Concelier | Link-Not-Merge review prep status and connector refresh recovery plan? | Concelier Core · Concelier WebService Guilds |
|
||||
| 110.C Excititor | Evidence Locker contract + attestation sequencing ready for 2025-11-15 session? | Excititor Web/Core Guilds · Evidence Locker Guild |
|
||||
| 110.D Mirror | Who is owning MIRROR-CRT-56-001 and what runway is needed? | Mirror Creator Guild · Exporter Guild |
|
||||
| Cross-track | Any new risks requiring leadership escalation before 2025-11-14 checkpoints? | Sprint 110 leads |
|
||||
|
||||
### Standup agenda (2025-11-14)
|
||||
|
||||
| Track | Confirmation needed | Follow-ups if “no” | Reporter |
|
||||
| --- | --- | --- | --- |
|
||||
| 110.A Advisory AI | Did SBOM/CLI/Policy/DevOps provide ETAs + artifact checklists? | Escalate to guild leads immediately; flag DOCS backlog as red. | Advisory AI Guild |
|
||||
| 110.B Concelier | Is Link-Not-Merge schema ready for review (no open comments)? | Capture blockers, inform Cartographer + Advisory AI, update schema review agenda. | Concelier Core |
|
||||
| 110.C Excititor | Has Evidence Locker ack’d the attestation contract + backlog order? | Schedule follow-up session pre-15th; unblock by providing interim contract. | Excititor Web/Core |
|
||||
| 110.D Mirror | Is MIRROR-CRT-56-001 owner confirmed before kickoff? | Escalate to Mirror/Exporter leadership; re-plan kickoff if still unstaffed. | Mirror Creator Guild |
|
||||
| Cross-track | Any new dependencies discovered that affect Nov 15 deliverables? | Add to Awaiting Updates + contingency plan. | Sprint 110 leads |
|
||||
|
||||
### Standup agenda (2025-11-15)
|
||||
|
||||
| Track | Key question | Owner ready to report |
|
||||
| --- | --- | --- |
|
||||
| 110.A Advisory AI | Did SBOM/CLI/Policy/DevOps artifacts land and unblock DOCS/SBOM backlog? | Advisory AI Guild · Docs Guild |
|
||||
| 110.B Concelier | Were Link-Not-Merge schemas approved and migrations kicked off? | Concelier Core · Cartographer Guild |
|
||||
| 110.C Excititor | Is the attestation sequencing plan locked with Evidence Locker sign-off? | Excititor Web/Core Guilds · Evidence Locker Guild |
|
||||
| 110.D Mirror | Is MIRROR-CRT-56-001 staffed with a sprint plan after kickoff? | Mirror Creator Guild · Exporter Guild · AirGap Time Guild |
|
||||
| Cross-track | Any spillover risks or re-scoping needed after the checkpoints? | Sprint 110 leads |
|
||||
|
||||
### Outcome capture template (use after Nov 14–15 checkpoints)
|
||||
|
||||
| Session | Date | Outcome | Follow-up tasks |
|
||||
| --- | --- | --- | --- |
|
||||
| Advisory AI follow-up | 2025-11-14 | _TBD_ | _TBD_ |
|
||||
| Link-Not-Merge review | 2025-11-14 | _TBD_ | _TBD_ |
|
||||
| Excititor attestation sequencing | 2025-11-15 | _TBD_ | _TBD_ |
|
||||
| Mirror evidence kickoff | 2025-11-15 | _TBD_ | _TBD_ |
|
||||
|
||||
### Contingency playbook (reviewed 2025-11-13)
|
||||
|
||||
| Risk trigger | Immediate response | Owner | Escalation window |
|
||||
| --- | --- | --- | --- |
|
||||
| Link-Not-Merge review slips | Document unresolved schema fields, escalate to runtime governance, evaluate interim adapter for Advisory AI. | Concelier Core · Cartographer Guild | Escalate by 2025-11-15 governance call. |
|
||||
| SBOM/CLI/Policy/DevOps ETAs miss 2025-11-14 | Flag DOCS-AIAI backlog as “red”, source temporary screenshots/mock data, escalate to Advisory AI leadership. | Docs Guild · Advisory AI Guild | Escalate by 2025-11-15 stand-up. |
|
||||
| MIRROR-CRT-56-001 still unstaffed on 2025-11-15 | Reassign engineers from Export/Excititor backlog, drop lower-priority Mirror scope, publish revised schedule. | Mirror Creator Guild · Exporter Guild · AirGap Time Guild | Escalate by 2025-11-15 kickoff retro. |
|
||||
| Connector refreshes slip another week | Limit Advisory AI exposure to stale feeds, publish customer comms, add feeds to incident review. | Concelier Feed Owners | Escalate by 2025-11-18. |
|
||||
| Evidence Locker contract stalls | Delay attestation tasks, focus on telemetry/docs, involve Platform Governance. | Evidence Locker Guild · Excititor Guild | Escalate by 2025-11-17. |
|
||||
|
||||
## Downstream dependencies (2025-11-13)
|
||||
|
||||
| Wave | Dependent sprint(s) | Impact if delayed |
|
||||
| --- | --- | --- |
|
||||
| 110.A AdvisoryAI | Advisory AI customer rollout (Docs, Console, CLI), `SPRINT_120_excititor_ii.md`, `SPRINT_140_runtime_signals.md` | SBOM/CLI/Policy/DevOps lag keeps Advisory AI docs + guardrails blocked and stalls downstream Scanner/Policy/Vuln Explorer adoption. |
|
||||
| 110.B Concelier | `SPRINT_140_runtime_signals.md`, `SPRINT_185_shared_replay_primitives.md`, Concelier console/air-gap/attest waves | Link-Not-Merge schema + observation APIs gate Concelier graph, telemetry, and orchestrator waves; Console/advisor UIs stay blocked. |
|
||||
| 110.C Excititor | `SPRINT_120_excititor_ii.md` → `SPRINT_124_excititor_vi.md` | VEX chunk/attestation phases cannot progress until chunk/telemetry deliverables land, delaying Lens, Policy, and Advisory AI parity. |
|
||||
| 110.D Mirror | `SPRINT_125_mirror.md` | Export Center, CLI, and air-gap bundles rely on MIRROR-CRT-56-001; no downstream mirror automation can begin until the deterministic assembler is complete. |
|
||||
|
||||
## Interlocks & owners (2025-11-13)
|
||||
|
||||
| Interlock | Participants | Needed artifact(s) | Status / notes |
|
||||
| --- | --- | --- | --- |
|
||||
| Advisory AI customer surfaces | Advisory AI Guild · SBOM Service Guild · CLI Guild · Policy Guild · DevOps Guild | `SBOM-AIAI-31-001`, `SBOM-AIAI-31-003`, `CLI-VULN-29-001`, `CLI-VEX-30-001`, `POLICY-ENGINE-31-001`, `DEVOPS-AIAI-31-001` | ETAs due 2025-11-14 to unblock DOCS-AIAI backlog and SBOM-AIAI-31-003. |
|
||||
| Link-Not-Merge contract | Concelier Core/WebService Guilds · Cartographer Guild · Platform Events Guild | `CONCELIER-LNM-21-001`→`21-203`, `CARTO-GRAPH-21-002`, `CONCELIER-GRAPH-21-001/002`, `CONCELIER-CONSOLE-23-001..003` | Schema review on 2025-11-14 to unblock CONCELIER-AIAI-31-002/003 and downstream console/air-gap tasks. |
|
||||
| VEX justification + attestation | Excititor Web/Core Guilds · Observability Guild · Evidence Locker Guild · Cartographer Guild | `EXCITITOR-AIAI-31-001`→`31-004`, `EXCITITOR-ATTEST-01-003`, `EXCITITOR-ATTEST-73-001/002`, `EXCITITOR-AIRGAP-56/57/58-*`, `EXCITITOR-CONN-TRUST-01-001` | Attestation sequencing meeting on 2025-11-15 to finalize Evidence Locker contract + backlog order. |
|
||||
| Mirror evidence kickoff | Mirror Creator Guild · Exporter Guild · AirGap Time Guild · Security Guild · CLI Guild | `MIRROR-CRT-56/57/58-*`, `EXPORT-OBS-51-001`, `EXPORT-OBS-54-001`, `AIRGAP-TIME-57-001`, `CLI-AIRGAP-56-001`, `PROV-OBS-53-001` | Kickoff scheduled 2025-11-15; objective is to assign MIRROR-CRT-56-001 owner and confirm downstream staffing. |
|
||||
|
||||
## Coordination log
|
||||
|
||||
| Date | Notes |
|
||||
| --- | --- |
|
||||
| 2025-11-13 | Snapshot, wave tracker, decision/action lists, and contingency plan refreshed ahead of 2025-11-14/15 checkpoints; awaiting SBOM/CLI/Policy/DevOps ETAs, Link-Not-Merge approval, and Mirror staffing outcomes. |
|
||||
| 2025-11-09 | Sprint file captured initial wave detail references, interlocks, and risks pending SBOM/CLI/POLICY/DevOps, Link-Not-Merge, Excititor justification, and Mirror assembler commitments. |
|
||||
|
||||
## Risk log (2025-11-13)
|
||||
|
||||
### Risk outlook (2025-11-13)
|
||||
| Risk | Impact | Mitigation / owner |
|
||||
| --- | --- | --- |
|
||||
| SBOM/CLI/Policy/DevOps deliverables slip past 2025-11-14 | Advisory AI docs + SBOM feeds remain blocked, delaying customer rollout + dependent sprints. | Capture ETAs during 2025-11-14 interlock; escalate to Advisory AI leadership if not committed. |
|
||||
| Link-Not-Merge schema delays (`CONCELIER-LNM-21-*`, `CARTO-GRAPH-21-002`) | Concelier/Excititor evidence APIs, console views, and air-gap tracks cannot progress; Advisory AI loses deterministic feeds. | Land schema review on 2025-11-14; publish migration plan and unblock CONCELIER-AIAI-31-002 + EXCITITOR-AIAI-31-002 immediately after approval. |
|
||||
| Excititor attestation backlog stalls | Advisory AI cannot cite VEX evidence; attestation + air-gap tasks idle; Mirror parity slips. | Use 2025-11-15 sequencing session to lock order, then reserve engineering capacity for attestation tickets. |
|
||||
| Mirror assembler lacks staffing (`MIRROR-CRT-56-001`) | DSSE/TUF, OCI/time-anchor, CLI, Export Center automations cannot start, blocking Sprint 125 altogether. | Assign owner during 2025-11-15 kickoff; reallocate Export/AirGap engineers if no volunteer surfaces. |
|
||||
| Connector provenance refreshes remain overdue | Advisory AI may serve stale evidence for ICSCISA/KISA feeds. | Feed owners to publish remediation plan and temporary mitigations by 2025-11-15 stand-up. |
|
||||
| SBOM/CLI/Policy/DevOps artefacts slip past 14 Nov | Advisory AI docs + SBOM feeds stay blocked, delaying customer rollout & dependent sprints. | Lock ETAs during 14 Nov interlock; escalate to Advisory AI leadership if commitments slip. |
|
||||
| Link-Not-Merge schema approval delayed | Concelier/Excititor APIs, console overlays, and air-gap bundles remain gated. | Close 14 Nov review with migration notes; unblock tasks immediately after approval. |
|
||||
| Excititor attestation backlog stalls | VEX evidence + air-gap parity cannot progress; Mirror support drifts. | Use 15 Nov sequencing session to lock order, reserve engineering capacity. |
|
||||
| MIRROR-CRT-56-001 remains unstaffed | DSSE/TUF, OCI/time-anchor, CLI, Export Center automation cannot start (Sprint 125 slips). | Assign owner at kickoff; reallocate Export/AirGap engineers if needed. |
|
||||
| Connector refreshes (ICSCISA/KISA) remain overdue | Advisory AI may serve stale advisories; telemetry accuracy suffers. | Feed owners to publish remediation plan + interim mitigations by 15 Nov stand-up. |
|
||||
|
||||
## Next Checkpoints
|
||||
| Date (UTC) | Session | Goal | Impacted wave(s) | Prep owner(s) |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| 2025-11-14 | Advisory AI customer surfaces follow-up | Capture SBOM/CLI/Policy/DevOps ETAs to restart DOCS/SBOM work. | 110.A | Advisory AI · SBOM · CLI · Policy · DevOps guild leads |
|
||||
| 2025-11-14 | Link-Not-Merge schema review | Approve schema payloads + migration notes. | 110.B · 110.C | Concelier Core · Cartographer Guild · SBOM Service Guild |
|
||||
| 2025-11-15 | Excititor attestation sequencing | Lock Evidence Locker contract + backlog order. | 110.C | Excititor Web/Core · Evidence Locker Guild |
|
||||
| 2025-11-15 | Mirror evidence kickoff | Assign MIRROR-CRT-56-001 owner, confirm staffing, outline DSSE/TUF + OCI milestones. | 110.D | Mirror Creator · Exporter · AirGap Time · Security guilds |
|
||||
|
||||
## Appendix
|
||||
- Detailed coordination artefacts, contingency playbook, and historical notes previously held in this sprint now live at `docs/implplan/archived/SPRINT_110_ingestion_evidence_2025-11-13.md`.
|
||||
|
||||
@@ -1,22 +1,61 @@
|
||||
# Sprint 125 - Ingestion & Evidence · 110.D) Mirror
|
||||
# Sprint 125 · Ingestion & Evidence · Mirror
|
||||
|
||||
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
|
||||
## Topic & Scope
|
||||
- Build the deterministic mirror bundle assembler covering advisories, VEX, policy packs, and optional OCI artefacts.
|
||||
- Layer DSSE/TUF metadata, time anchors, and CLI automation so air-gapped sites receive verifiable bundles.
|
||||
- Wire Export Center and scheduling hooks so mirror creation can be orchestrated automatically.
|
||||
|
||||
[Ingestion & Evidence] 110.D) Mirror
|
||||
Depends on: Sprint 100.A - Attestor
|
||||
Summary: Ingestion & Evidence focus on Mirror.
|
||||
Task ID | State | Task description | Owners (Source)
|
||||
--- | --- | --- | ---
|
||||
MIRROR-CRT-56-001 | TODO | Implement deterministic bundle assembler supporting advisories, VEX, policy packs with Zstandard compression and manifest generation. Dependencies: EXPORT-OBS-51-001. | Mirror Creator Guild (src/Mirror/StellaOps.Mirror.Creator)
|
||||
MIRROR-CRT-56-002 | TODO | Integrate DSSE signing and TUF metadata generation (`root`, `snapshot`, `timestamp`, `targets`). Dependencies: MIRROR-CRT-56-001, PROV-OBS-53-001. | Mirror Creator Guild, Security Guild (src/Mirror/StellaOps.Mirror.Creator)
|
||||
MIRROR-CRT-57-001 | TODO | Add optional OCI image collection producing oci-archive layout with digests recorded in manifest. Dependencies: MIRROR-CRT-56-001. | Mirror Creator Guild, DevOps Guild (src/Mirror/StellaOps.Mirror.Creator)
|
||||
MIRROR-CRT-57-002 | TODO | Embed signed time anchor metadata (`meta/time-anchor.json`) sourced from trusted authority. Dependencies: MIRROR-CRT-56-002, AIRGAP-TIME-57-001. | Mirror Creator Guild, AirGap Time Guild (src/Mirror/StellaOps.Mirror.Creator)
|
||||
MIRROR-CRT-58-001 | TODO | Deliver CLI `stella mirror create|verify` commands with content selection flags, delta mode, and dry-run verification. Dependencies: MIRROR-CRT-56-002, CLI-AIRGAP-56-001. | Mirror Creator Guild, CLI Guild (src/Mirror/StellaOps.Mirror.Creator)
|
||||
MIRROR-CRT-58-002 | TODO | Integrate with Export Center scheduling to automate mirror bundle creation with audit logs. Dependencies: MIRROR-CRT-56-002, EXPORT-OBS-54-001. | Mirror Creator Guild, Exporter Guild (src/Mirror/StellaOps.Mirror.Creator)
|
||||
## Dependencies & Concurrency
|
||||
- Upstream: Sprint 110.D must deliver the assembler foundation (`MIRROR-CRT-56-001`). Attestor v2 contracts from Sprint 100.A remain required.
|
||||
- Mirror sprints share the 120s decade with Policy & Reasoning work but remain independent; avoid adding dependencies on `SPRINT_125_policy_reasoning.md`.
|
||||
- Evidence Locker, Export Center, CLI, and AirGap Time guild commitments must be available as soon as assembler code exists.
|
||||
|
||||
## Documentation Prerequisites
|
||||
- `docs/modules/export-center/architecture.md`
|
||||
- `docs/modules/airgap/architecture.md`
|
||||
- `docs/modules/devops/architecture.md`
|
||||
- `docs/modules/policy/architecture.md` (for provenance expectations)
|
||||
|
||||
If all tasks are done - read next sprint section - SPRINT_120_policy_reasoning.md
|
||||
## Task Board
|
||||
| Task ID | Status | Owner(s) | Dependencies | Notes |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| MIRROR-CRT-56-001 | TODO | Mirror Creator Guild | Staffing decision | Implement deterministic assembler with manifest + CAS layout. |
|
||||
| MIRROR-CRT-56-002 | TODO | Mirror Creator · Security Guilds | MIRROR-CRT-56-001; PROV-OBS-53-001 | Integrate DSSE signing + TUF metadata (`root`, `snapshot`, `timestamp`, `targets`). |
|
||||
| MIRROR-CRT-57-001 | TODO | Mirror Creator · DevOps Guild | MIRROR-CRT-56-001 | Add optional OCI archive generation with digest recording. |
|
||||
| MIRROR-CRT-57-002 | TODO | Mirror Creator · AirGap Time Guild | MIRROR-CRT-56-002; AIRGAP-TIME-57-001 | Embed signed time-anchor metadata. |
|
||||
| MIRROR-CRT-58-001 | TODO | Mirror Creator · CLI Guild | MIRROR-CRT-56-002; CLI-AIRGAP-56-001 | Deliver `stella mirror create|verify` verbs with delta + verification flows. |
|
||||
| MIRROR-CRT-58-002 | TODO | Mirror Creator · Exporter Guild | MIRROR-CRT-56-002; EXPORT-OBS-54-001 | Integrate Export Center scheduling + audit logs. |
|
||||
| EXPORT-OBS-51-001 / 54-001 | TODO | Exporter Guild | MIRROR-CRT-56-001 staffing | Align Export Center workers with assembler output. |
|
||||
| AIRGAP-TIME-57-001 | TODO | AirGap Time Guild | MIRROR-CRT-56-001; MIRROR-CRT-57-002 | Provide trusted time-anchor service & policy. |
|
||||
| CLI-AIRGAP-56-001 | TODO | CLI Guild | MIRROR-CRT-56-002; MIRROR-CRT-58-001 | Extend CLI offline kit tooling to consume mirror bundles. |
|
||||
| PROV-OBS-53-001 | TODO | Security Guild | MIRROR-CRT-56-001 | Define provenance observers + verification hooks. |
|
||||
|
||||
> 2025-11-04: AIAI-31-004A DONE – WebService/Worker wiring plus filesystem queue operational; metrics/logs added; tests executed via `dotnet test src/AdvisoryAI/__Tests/StellaOps.AdvisoryAI.Tests/StellaOps.AdvisoryAI.Tests.csproj --no-restore`.
|
||||
## Execution Log
|
||||
| Date (UTC) | Update | Owner |
|
||||
| --- | --- | --- |
|
||||
| 2025-11-13 | Kickoff rescheduled to 15 Nov pending MIRROR-CRT-56-001 staffing; downstream guilds alerted to prepare resource plans. | Mirror Creator Guild |
|
||||
|
||||
> 2025-11-04: AIAI-31-006 DONE – REST endpoints enforce scope headers, apply rate limits, sanitize prompts through guardrails, and enqueue execution with cached metadata.
|
||||
## Decisions & Risks
|
||||
### Decisions
|
||||
| Decision | Owner(s) | Due | Notes |
|
||||
| --- | --- | --- | --- |
|
||||
| Assign primary engineer for MIRROR-CRT-56-001 | Mirror Creator Guild · Exporter Guild | 2025-11-15 kickoff | Without an owner the assembler cannot start and all downstream tasks remain blocked. |
|
||||
| Confirm DSSE/TUF signing profile | Security Guild · Attestor Guild | 2025-11-18 | Needed before MIRROR-CRT-56-002 can merge. |
|
||||
| Lock time-anchor authority scope | AirGap Time Guild · Mirror Creator Guild | 2025-11-19 | Required for MIRROR-CRT-57-002 policy enforcement. |
|
||||
|
||||
### Risks
|
||||
| Risk | Impact | Mitigation |
|
||||
| --- | --- | --- |
|
||||
| Staffing gap for MIRROR-CRT-56-001 persists after kickoff | DSSE/TUF, OCI, CLI, Export tracks slip; Sprint 125 jams the Export Center roadmap. | Escalate to program leadership, reassign engineers from Export Center or Excititor queue. |
|
||||
| DSSE/TUF contract debates with Security guild | Signing + transparency integration slips, blocking CLI/Export release. | Align on profile ahead of development; capture ADR in `docs/airgap`. |
|
||||
| Time-anchor requirements undefined | Air-gapped bundles lose verifiable time guarantees. | Run focused session with AirGap Time Guild to lock policy + service interface. |
|
||||
|
||||
## Next Checkpoints
|
||||
| Date (UTC) | Session | Goal | Owner(s) |
|
||||
| --- | --- | --- | --- |
|
||||
| 2025-11-15 | Mirror evidence kickoff | Assign MIRROR-CRT-56-001 owner, outline scope, confirm downstream staffing. | Mirror Creator · Exporter · AirGap Time · Security guilds |
|
||||
| 2025-11-18 | DSSE/TUF design review | Freeze signing profile + manifest shape. | Mirror Creator · Security Guild |
|
||||
| 2025-11-19 | Time-anchor policy workshop | Approve requirements for AIRGAP-TIME-57-001. | AirGap Time Guild · Mirror Creator |
|
||||
|
||||
## Appendix
|
||||
- Previous detailed notes retained at `docs/implplan/archived/SPRINT_125_mirror_2025-11-13.md`.
|
||||
|
||||
@@ -1,12 +1,40 @@
|
||||
# Sprint 300 - Documentation & Process
|
||||
# Sprint 300 · Documentation & Process
|
||||
|
||||
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
|
||||
## Topic & Scope
|
||||
- Govern the documentation process ladder, ensuring Docs Tasks Md.I (Sprint 301) and subsequent Md phases stay sequenced and resourced.
|
||||
- Coordinate module dossier refreshes once Docs Tasks Md ladder has progressed enough to support them.
|
||||
|
||||
This file now only tracks the documentation & process status snapshot. Active backlog lives in Sprint 301 and later files.
|
||||
## Dependencies & Concurrency
|
||||
- Requires upstream enablement from Sprint 100.A (Attestor), Sprint 110.A (Advisory AI), Sprint 120.A (AirGap), Sprint 130.A (Scanner), Sprint 140.A (Graph), Sprint 150.A (Orchestrator), Sprint 160.A (Evidence Locker), Sprint 170.A (Notifier), Sprint 180.A (CLI), and Sprint 190.A (Ops Deployment).
|
||||
- Streams in the 300 decade stay independent once their prerequisites are met; do not let 300-series sprints depend on each other within the same decade.
|
||||
|
||||
## Wave coordination
|
||||
## Documentation Prerequisites
|
||||
- `docs/implplan/README.md`
|
||||
- `docs/modules/platform/architecture-overview.md`
|
||||
- `docs/README.md`
|
||||
|
||||
| Wave | Guild owners | Shared prerequisites | Status | Notes |
|
||||
## Task Board
|
||||
| Stream | Status | Owner(s) | Dependencies | Notes |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| 200.A Docs Tasks.md ladder | Docs Guild · Ops Guild (for air-gap content) | Sprint 100.A – Attestor; Sprint 110.A – AdvisoryAI; Sprint 120.A – AirGap; Sprint 130.A – Scanner; Sprint 140.A – Graph; Sprint 150.A – Orchestrator; Sprint 160.A – EvidenceLocker; Sprint 170.A – Notifier; Sprint 180.A – CLI; Sprint 190.A – Ops Deployment | TODO | Tasks Md.I must flip to DOING first; each subsequent Md stage depends on the prior file, so keep sequencing strict. |
|
||||
| 200.B Module dossiers | Docs Guild · Respective Module Guilds (Authority, Concelier, etc.) | Same as above plus Ops Deployment evidence (Sprint 190.A) | TODO | Once Docs Tasks Md.I captures the updated process, we can move the per-module sprints (312‑335) to DOING in parallel; verify each module's AGENTS file before editing. |
|
||||
| 200.A Docs Tasks.md ladder (Sprint 301 onwards) | DOING (2025-11-13) | Docs Guild · Ops Guild | Attestor 100.A; Advisory AI 110.A; AirGap 120.A; Scanner 130.A; Graph 140.A; Orchestrator 150.A; EvidenceLocker 160.A; Notifier 170.A; CLI 180.A; Ops Deployment 190.A | Implementing new implplan template, aligning Md.I backlog before subsequent Md phases move. |
|
||||
| 200.B Module dossiers (Sprints 312–335) | TODO | Docs Guild · Module Guild owners | Docs Tasks Md ladder to at least Md.II; Ops deployment evidence | Stays queued until Docs Tasks Md ladder provides updated process + assets. |
|
||||
|
||||
## Execution Log
|
||||
| Date (UTC) | Update | Owner |
|
||||
| --- | --- | --- |
|
||||
| 2025-11-13 | Sprint 300 switched to topic-oriented template; Docs Tasks Md ladder marked DOING to reflect ongoing restructuring work. | Docs Guild |
|
||||
|
||||
## Decisions & Risks
|
||||
| Item | Type | Owner(s) | Due | Notes |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| Confirm sequencing gates between Md.I and module dossiers | Decision | Docs Guild · Module guild leads | 2025-11-18 | Needed before opening 312–335 sprints. |
|
||||
| Risk: Docs capacity constrained while Md.I remains open | Risk | Docs Guild | Ongoing | Track velocity; request backup writers if Md.I exceeds 2-week window. |
|
||||
|
||||
## Next Checkpoints
|
||||
| Date (UTC) | Session | Goal | Owner(s) |
|
||||
| --- | --- | --- | --- |
|
||||
| 2025-11-15 | Docs ladder stand-up | Review Md.I progress, confirm readiness to open Md.II (Sprint 302). | Docs Guild |
|
||||
| 2025-11-18 | Module dossier planning call | Validate prerequisites before flipping dossier sprints to DOING. | Docs Guild · Module guild leads |
|
||||
|
||||
## Appendix
|
||||
- Prior version archived at `docs/implplan/archived/SPRINT_300_documentation_process_2025-11-13.md`.
|
||||
|
||||
@@ -1,23 +1,67 @@
|
||||
# Sprint 301 - Documentation & Process · 200.A) Docs Tasks.Md.I
|
||||
# Sprint 301 · Documentation & Process · Docs Tasks Md.I
|
||||
|
||||
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
|
||||
## Topic & Scope
|
||||
- Establish the first milestone (`Md.I`) for docs process reform covering Advisory AI guardrails, air-gap guides, and deterministic scanner documentation.
|
||||
- Capture cross-guild prerequisites so downstream module dossiers can start once Md.I closes.
|
||||
- Keep deliverables deterministic (golden outputs, reproducible screenshots, signed fixtures).
|
||||
|
||||
[Documentation & Process] 200.A) Docs Tasks.Md.I
|
||||
Depends on: Sprint 100.A - Attestor, Sprint 110.A - AdvisoryAI, Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph, Sprint 150.A - Orchestrator, Sprint 160.A - EvidenceLocker, Sprint 170.A - Notifier, Sprint 180.A - Cli, Sprint 190.A - Ops Deployment
|
||||
Summary: Documentation & Process focus on Docs Tasks (phase Md.I).
|
||||
Task ID | State | Task description | Owners (Source)
|
||||
--- | --- | --- | ---
|
||||
DOCS-AIAI-31-004 | DOING (2025-11-07) | Create `/docs/advisory-ai/console.md` with screenshots, a11y notes, copy-as-ticket instructions. Dependencies: DOCS-AIAI-31-003, CONSOLE-VULN-29-001, CONSOLE-VEX-30-001, EXCITITOR-CONSOLE-23-001. | Docs Guild, Console Guild (docs)
|
||||
DOCS-AIAI-31-005 | BLOCKED (2025-11-03) | Publish `/docs/advisory-ai/cli.md` covering commands, exit codes, scripting patterns. Dependencies: DOCS-AIAI-31-004, CLI-VULN-29-001, CLI-VEX-30-001. | Docs Guild, DevEx/CLI Guild (docs)
|
||||
DOCS-AIAI-31-006 | BLOCKED (2025-11-03) | Update `/docs/policy/assistant-parameters.md` covering temperature, token limits, ranking weights, TTLs. Dependencies: DOCS-AIAI-31-005, POLICY-ENGINE-31-001. | Docs Guild, Policy Guild (docs)
|
||||
DOCS-AIAI-31-008 | BLOCKED (2025-11-03) | Publish `/docs/sbom/remediation-heuristics.md` (feasibility scoring, blast radius). Dependencies: DOCS-AIAI-31-007, SBOM-AIAI-31-001. | Docs Guild, SBOM Service Guild (docs)
|
||||
DOCS-AIAI-31-009 | BLOCKED (2025-11-03) | Create `/docs/runbooks/assistant-ops.md` for warmup, cache priming, model outages, scaling. Dependencies: DOCS-AIAI-31-008, DEVOPS-AIAI-31-001. | Docs Guild, DevOps Guild (docs)
|
||||
DOCS-AIRGAP-56-001 | TODO | Publish `/docs/airgap/overview.md` outlining modes, lifecycle, responsibilities, and imposed rule banner. | Docs Guild, AirGap Controller Guild (docs)
|
||||
DOCS-AIRGAP-56-002 | TODO | Author `/docs/airgap/sealing-and-egress.md` covering network policies, EgressPolicy facade usage, and verification steps. Dependencies: DOCS-AIRGAP-56-001. | Docs Guild, DevOps Guild (docs)
|
||||
DOCS-AIRGAP-56-003 | TODO | Create `/docs/airgap/mirror-bundles.md` describing bundle format, DSSE/TUF/Merkle validation, creation/import workflows. Dependencies: DOCS-AIRGAP-56-002. | Docs Guild, Exporter Guild (docs)
|
||||
DOCS-AIRGAP-56-004 | TODO | Publish `/docs/airgap/bootstrap.md` detailing Bootstrap Pack creation, validation, and install procedures. Dependencies: DOCS-AIRGAP-56-003. | Docs Guild, Deployment Guild (docs)
|
||||
DOCS-AIRGAP-57-001 | TODO | Write `/docs/airgap/staleness-and-time.md` explaining time anchors, drift policies, staleness budgets, and UI indicators. Dependencies: DOCS-AIRGAP-56-004. | Docs Guild, AirGap Time Guild (docs)
|
||||
DOCS-AIRGAP-57-002 | TODO | Publish `/docs/console/airgap.md` covering sealed badge, import wizard, staleness dashboards. Dependencies: DOCS-AIRGAP-57-001. | Docs Guild, Console Guild (docs)
|
||||
DOCS-SCANNER-DET-01 | DOING (2025-11-09) | Author `/docs/modules/scanner/deterministic-sbom-compose.md` plus scan guide updates describing fragment DSSE, `_composition.json`, and offline verification (ties to Sprint 136 tasks). Draft spec seeded in repo; remaining work covers guide updates + review. | Docs Guild, Scanner Guild (docs)
|
||||
DOCS-POLICY-DET-01 | TODO | Extend `docs/modules/policy/architecture.md` with determinism gate semantics, SPL examples, and provenance references for UI badge/policy blockers. | Docs Guild, Policy Guild (docs)
|
||||
DOCS-CLI-DET-01 | TODO | Document new `stella sbomer` verbs (`layer`, `compose`, `drift`, `verify`) with examples, exit codes, and Offline Kit instructions in `docs/cli/commands/sbomer.md`. Dependencies: CLI-SBOM-60-001/002. | Docs Guild, DevEx/CLI Guild (docs)
|
||||
## Dependencies & Concurrency
|
||||
- Requires upstream artefacts from Sprint 110.A (Advisory AI), Sprint 120 (Policy knobs), Sprint 136 (Scanner determinism), Sprint 160 (Evidence Locker), and Sprint 190 (Ops deployment).
|
||||
- Sprints 302–309 share the Docs Tasks ladder but can remain queued; do not create back edges from this file to later Md phases.
|
||||
- Mirror progress with Sprint 300 overall status; update there when Md.I tasks move.
|
||||
|
||||
## Documentation Prerequisites
|
||||
- `docs/README.md`
|
||||
- `docs/modules/platform/architecture-overview.md`
|
||||
- `docs/modules/advisory-ai/architecture.md`
|
||||
- `docs/modules/scanner/architecture.md`
|
||||
- `docs/modules/airgap/architecture.md`
|
||||
|
||||
## Task Board
|
||||
| Task ID | Status | Owner(s) | Dependencies | Notes |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| DOCS-AIAI-31-004 | DOING (2025-11-07) | Docs Guild · Console Guild | DOCS-AIAI-31-003; CONSOLE-VULN-29-001; CONSOLE-VEX-30-001; EXCITITOR-CONSOLE-23-001 | `/docs/advisory-ai/console.md` with screenshots, a11y notes, copy-as-ticket instructions. |
|
||||
| DOCS-AIAI-31-005 | BLOCKED (2025-11-03) | Docs Guild · DevEx/CLI Guild | DOCS-AIAI-31-004; CLI-VULN-29-001; CLI-VEX-30-001 | `/docs/advisory-ai/cli.md` covering commands, exit codes, scripting patterns. |
|
||||
| DOCS-AIAI-31-006 | BLOCKED (2025-11-03) | Docs Guild · Policy Guild | DOCS-AIAI-31-005; POLICY-ENGINE-31-001 | `/docs/policy/assistant-parameters.md` for temperature, token limits, ranking weights, TTLs. |
|
||||
| DOCS-AIAI-31-008 | BLOCKED (2025-11-03) | Docs Guild · SBOM Service Guild | DOCS-AIAI-31-007; SBOM-AIAI-31-001 | `/docs/sbom/remediation-heuristics.md` (feasibility scoring, blast radius). |
|
||||
| DOCS-AIAI-31-009 | BLOCKED (2025-11-03) | Docs Guild · DevOps Guild | DOCS-AIAI-31-008; DEVOPS-AIAI-31-001 | `/docs/runbooks/assistant-ops.md` for warmup, cache priming, outages, scaling. |
|
||||
| DOCS-AIRGAP-56-001 | TODO | Docs Guild · AirGap Controller Guild | — | `/docs/airgap/overview.md` outlining modes, lifecycle, responsibilities, rule banner. |
|
||||
| DOCS-AIRGAP-56-002 | TODO | Docs Guild · DevOps Guild | DOCS-AIRGAP-56-001 | `/docs/airgap/sealing-and-egress.md` (network policies, EgressPolicy facade, verification). |
|
||||
| DOCS-AIRGAP-56-003 | TODO | Docs Guild · Exporter Guild | DOCS-AIRGAP-56-002 | `/docs/airgap/mirror-bundles.md` (bundle format, DSSE/TUF/Merkle validation, workflows). |
|
||||
| DOCS-AIRGAP-56-004 | TODO | Docs Guild · Deployment Guild | DOCS-AIRGAP-56-003 | `/docs/airgap/bootstrap.md` covering Bootstrap Pack creation + install. |
|
||||
| DOCS-AIRGAP-57-001 | TODO | Docs Guild · AirGap Time Guild | DOCS-AIRGAP-56-004 | `/docs/airgap/staleness-and-time.md` (time anchors, drift, UI indicators). |
|
||||
| DOCS-AIRGAP-57-002 | TODO | Docs Guild · Console Guild | DOCS-AIRGAP-57-001 | `/docs/console/airgap.md` (sealed badge, import wizard, staleness dashboards). |
|
||||
| DOCS-SCANNER-DET-01 | DOING (2025-11-09) | Docs Guild · Scanner Guild | Sprint 136 outputs; scanner determinism fixtures | `/docs/modules/scanner/deterministic-sbom-compose.md` plus scan guide updates. |
|
||||
| DOCS-POLICY-DET-01 | TODO | Docs Guild · Policy Guild | POLICY-DET backlog | Extend `docs/modules/policy/architecture.md` with determinism gate semantics and provenance references. |
|
||||
| DOCS-CLI-DET-01 | TODO | Docs Guild · DevEx/CLI Guild | CLI-SBOM-60-001; CLI-SBOM-60-002 | Document `stella sbomer` verbs (`layer`, `compose`, `drift`, `verify`) with examples & offline instructions. |
|
||||
|
||||
## Execution Log
|
||||
| Date (UTC) | Update | Owner |
|
||||
| --- | --- | --- |
|
||||
| 2025-11-13 | Sprint 301 aligned to new planning template; outstanding dependencies catalogued with upstream guilds. | Docs Guild |
|
||||
| 2025-11-09 | Task inventory imported from legacy sprint file; SBOM/service dependencies flagged. | Docs Guild |
|
||||
|
||||
## Decisions & Risks
|
||||
### Decisions
|
||||
| Decision | Owner(s) | Due | Notes |
|
||||
| --- | --- | --- | --- |
|
||||
| Confirm Advisory AI asset delivery dates | SBOM Service · CLI · Policy · DevOps Guilds | 2025-11-14 | Needed to unblock DOCS-AIAI-31-004..009 and SBOM doc tasks. |
|
||||
| Approve Scanner determinism fixture scope | Scanner Guild | 2025-11-16 | Required for DOCS-SCANNER-DET-01 sign-off. |
|
||||
| Provide AirGap time anchor policy draft | AirGap Time Guild | 2025-11-19 | Enables staleness/time docs to move to DOING. |
|
||||
|
||||
### Risks
|
||||
| Risk | Impact | Mitigation |
|
||||
| --- | --- | --- |
|
||||
| Upstream SBOM/CLI/Policy artefacts slip | Advisory AI doc set remains blocked, delaying Md.I completion. | Capture ETAs during 14 Nov interlock; consider placeholder screenshots if needed. |
|
||||
| Scanner determinism spec churn | DOCS-SCANNER-DET-01 may require rewrite as scanner implementation evolves. | Pair with Scanner Guild; lock spec before doc review start. |
|
||||
| AirGap backlog overextends Docs Guild | Sequential dependencies could stall Md.I ladder. | Sequence DOCS-AIRGAP-56-* tasks strictly and request help from AirGap Controller Guild when dependencies land. |
|
||||
|
||||
## Next Checkpoints
|
||||
| Date (UTC) | Session | Goal | Owner(s) |
|
||||
| --- | --- | --- | --- |
|
||||
| 2025-11-14 | Advisory AI doc sync | Collect SBOM/CLI/Policy/DevOps ETAs for DOCS-AIAI backlog. | Docs Guild · Advisory AI leads |
|
||||
| 2025-11-15 | Scanner determinism review | Validate fixture coverage for DOCS-SCANNER-DET-01. | Docs Guild · Scanner Guild |
|
||||
| 2025-11-18 | AirGap doc planning session | Review sealing/egress outline and bundle workflow drafts. | Docs Guild · AirGap Controller Guild |
|
||||
|
||||
## Appendix
|
||||
- Legacy sprint content archived at `docs/implplan/archived/SPRINT_301_docs_tasks_md_i_2025-11-13.md`.
|
||||
|
||||
@@ -0,0 +1,242 @@
|
||||
# Sprint 110 - Ingestion & Evidence
|
||||
|
||||
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
|
||||
|
||||
## Wave coordination
|
||||
|
||||
| Wave | Guild owners | Shared prerequisites | Status | Notes |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| 110.A AdvisoryAI | Advisory AI Guild · Docs Guild · SBOM Service Guild | Sprint 100.A – Attestor (closed 2025-11-09 per `docs/implplan/archived/SPRINT_100_identity_signing.md`) | DOING | Guardrail regression suite (AIAI-31-009) closed 2025-11-12 with the new `AdvisoryAI:Guardrails` configuration; console doc (DOCS-AIAI-31-004) remains DOING while SBOM/CLI/Policy/DevOps dependencies unblock screenshots/runbook work. |
|
||||
| 110.B Concelier | Concelier Core & WebService Guilds · Observability Guild · AirGap Guilds (Importer/Policy/Time) | Sprint 100.A – Attestor | DOING | Paragraph chunk API shipped 2025-11-07; structured field/caching (CONCELIER-AIAI-31-002) is mid-implementation, telemetry (CONCELIER-AIAI-31-003) closed 2025-11-12, and air-gap/console/attestation tracks are held by Link-Not-Merge + Cartographer schema. |
|
||||
| 110.C Excititor | Excititor WebService/Core Guilds · Observability Guild · Evidence Locker Guild | Sprint 100.A – Attestor | DOING | Normalized justification projections (EXCITITOR-AIAI-31-001) landed; chunk API, telemetry, docs, attestation, and mirror backlog stay queued behind Link-Not-Merge / Evidence Locker prerequisites. |
|
||||
| 110.D Mirror | Mirror Creator Guild · Exporter Guild · CLI Guild · AirGap Time Guild | Sprint 100.A – Attestor | TODO | Wave remains TODO—MIRROR-CRT-56-001 has no owner, so DSSE/TUF, OCI/time-anchor, CLI, and scheduling integrations cannot proceed. |
|
||||
|
||||
## Status snapshot (2025-11-13)
|
||||
|
||||
- **Advisory AI (110.A)** – Guardrail regression suite AIAI-31-009 closed on 2025-11-12 with the `AdvisoryAI:Guardrails` binding and sub-400 ms batch budgets; DOCS-AIAI-31-004 is the lone DOING item, blocked on Console screenshots (CONSOLE-VULN-29-001 / CONSOLE-VEX-30-001) plus SBOM evidence. SBOM-AIAI-31-003 and DOCS-AIAI-31-005/006/008/009 stay BLOCKED until SBOM-AIAI-31-001, CLI-VULN-29-001, CLI-VEX-30-001, POLICY-ENGINE-31-001, and DEVOPS-AIAI-31-001 land (ETAs requested for 2025-11-14).
|
||||
- **Concelier (110.B)** – Paragraph chunk API shipped on 2025-11-07 and telemetry (CONCELIER-AIAI-31-003) landed 2025-11-12; structured field/caching (CONCELIER-AIAI-31-002) is DOING but cannot release until Link-Not-Merge plus Cartographer schema (`CARTO-GRAPH-21-002`) finalize. Air-gap (CONCELIER-AIRGAP-56..58), console (CONCELIER-CONSOLE-23-001..003), attestation (CONCELIER-ATTEST-73-001/002), and overdue connector refreshes (FEEDCONN-ICSCISA-02-012 / FEEDCONN-KISA-02-008) remain TODO.
|
||||
- **Excititor (110.C)** – Normalized VEX justifications (EXCITITOR-AIAI-31-001) are live; chunk API, telemetry, docs, attestation, air-gap, and connector parity tracks (EXCITITOR-AIAI-31-002/003/004, `EXCITITOR-ATTEST-*`, `EXCITITOR-AIRGAP-*`, `EXCITITOR-CONN-TRUST-01-001`) are queued behind the same Link-Not-Merge schema plus Evidence Locker contract.
|
||||
- **Mirror (110.D)** – MIRROR-CRT-56-001 still lacks an owner, so DSSE/TUF, OCI/time-anchor, CLI, Export Center, and AirGap Time integrations (MIRROR-CRT-56/57/58, EXPORT-OBS-51/54, AIRGAP-TIME-57-001) cannot start; kickoff moved to 2025-11-15 unless staffing is resolved sooner.
|
||||
|
||||
### Wave health (RAG snapshot)
|
||||
|
||||
| Wave | Health | Drivers |
|
||||
| --- | --- | --- |
|
||||
| 110.A AdvisoryAI | 🔶 Watching | Only DOCS-AIAI-31-004 is active; waiting on SBOM/CLI/Policy/DevOps ETAs to restart remaining doc/SBOM tasks. |
|
||||
| 110.B Concelier | 🔶 Watching | Structured caching is in-flight but Link-Not-Merge schema + connector refreshes remain unresolved. |
|
||||
| 110.C Excititor | 🔶 Watching | Downstream work entirely gated by Link-Not-Merge + Evidence Locker contract; ready to move once schemas approved. |
|
||||
| 110.D Mirror | 🔴 Blocked | MIRROR-CRT-56-001 still unstaffed; kickoff on 2025-11-15 must assign owner or sprint slips. |
|
||||
|
||||
### Wave task tracker (refreshed 2025-11-13)
|
||||
|
||||
#### 110.A AdvisoryAI
|
||||
|
||||
| Task ID | State | Notes |
|
||||
| --- | --- | --- |
|
||||
| DOCS-AIAI-31-004 | DOING | Console guardrail doc drafted; screenshots/runbook copy blocked on CONSOLE-VULN-29-001, CONSOLE-VEX-30-001, and SBOM evidence feeds. |
|
||||
| AIAI-31-009 | DONE (2025-11-12) | Guardrail regression suite + `AdvisoryAI:Guardrails` config binding merged with perf budgets. |
|
||||
| AIAI-31-008 | TODO | Remote inference packaging waits on policy knobs (AIAI-31-006/007). |
|
||||
| SBOM-AIAI-31-003 | BLOCKED | Needs SBOM-AIAI-31-001 outputs plus CLI-VULN/CLI-VEX deliverables. |
|
||||
| DOCS-AIAI-31-005/006/008/009 | BLOCKED | Await SBOM/CLI/Policy/DevOps artifacts listed above. |
|
||||
|
||||
#### 110.B Concelier
|
||||
|
||||
| Task ID | State | Notes |
|
||||
| --- | --- | --- |
|
||||
| CONCELIER-AIAI-31-002 | DOING | Structured field/caching implementation underway; blocked on Link-Not-Merge schema + CARTO-GRAPH-21-002. |
|
||||
| CONCELIER-AIAI-31-003 | DONE (2025-11-12) | Telemetry counters/histograms live for Advisory AI dashboards. |
|
||||
| CONCELIER-AIRGAP-56-001..58-001 | TODO | Air-gap bundles waiting on schema + attestation payloads. |
|
||||
| CONCELIER-CONSOLE-23-001..003 | TODO | Console overlays blocked by Link-Not-Merge delivery. |
|
||||
| CONCELIER-ATTEST-73-001/002 | TODO | Attestation metadata wiring queued behind structured caching. |
|
||||
| FEEDCONN-ICSCISA-02-012 / FEEDCONN-KISA-02-008 | BLOCKED | Connector provenance refreshes overdue; need feed owner schedule. |
|
||||
|
||||
#### 110.C Excititor
|
||||
|
||||
| Task ID | State | Notes |
|
||||
| --- | --- | --- |
|
||||
| EXCITITOR-AIAI-31-001 | DONE (2025-11-09) | Normalized VEX justification projections live at `/v1/vex/observations/{vulnerabilityId}/{productKey}`. |
|
||||
| EXCITITOR-AIAI-31-002 | TODO | Chunk API pending Link-Not-Merge schema + Evidence Locker ingest plan. |
|
||||
| EXCITITOR-AIAI-31-003 | TODO | Telemetry/guardrail instrumentation blocked on chunk schema readiness. |
|
||||
| EXCITITOR-AIAI-31-004 | TODO | Docs/OpenAPI alignment follows chunk API. |
|
||||
| EXCITITOR-ATTEST-01-003 / 73-001 / 73-002 | TODO | Attestation payload work waiting on chunk normalization + Evidence Locker scope. |
|
||||
| EXCITITOR-AIRGAP-56/57/58 · EXCITITOR-CONN-TRUST-01-001 | TODO | Air-gap + connector parity require Link-Not-Merge + attestation readiness. |
|
||||
|
||||
#### 110.D Mirror
|
||||
|
||||
| Task ID | State | Notes |
|
||||
| --- | --- | --- |
|
||||
| MIRROR-CRT-56-001 | TODO | Deterministic assembler lacks owner; kickoff reset to 2025-11-15. |
|
||||
| MIRROR-CRT-56-002 | TODO | DSSE/TUF design blocked on MIRROR-CRT-56-001 code path. |
|
||||
| MIRROR-CRT-57-001/002 | TODO | OCI/time-anchor workstreams depend on assembler completion. |
|
||||
| MIRROR-CRT-58-001/002 | TODO | Export/CLI automation waiting on MIRROR-CRT-56-001. |
|
||||
| EXPORT-OBS-51-001 / 54-001 · AIRGAP-TIME-57-001 · CLI-AIRGAP-56-001 · PROV-OBS-53-001 | TODO | Require assembler baseline and staffing commitments. |
|
||||
|
||||
### In-flight focus (DOING items)
|
||||
|
||||
| Task ID | Remaining work | Blockers | Target date | Owners |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| DOCS-AIAI-31-004 | Capture Console screenshots + guardrail ribbon copy, finalize runbook text. | CONSOLE-VULN-29-001 / CONSOLE-VEX-30-001 outputs; SBOM evidence feeds. | 2025-11-15 | Docs Guild · Advisory AI Guild |
|
||||
| CONCELIER-AIAI-31-002 | Implement structured field/caching API + regression fixtures. | Link-Not-Merge schema (`CONCELIER-GRAPH-21-001/002`, `CARTO-GRAPH-21-002`). | 2025-11-16 | Concelier Core · Concelier WebService Guilds |
|
||||
| CONCELIER-GRAPH-21-001/002 · CARTO-GRAPH-21-002 | Finalize projection schema + change events, publish migration guide. | Cross-guild review on 2025-11-14. | 2025-11-14 | Concelier Core · Cartographer Guild · SBOM Service Guild |
|
||||
| MIRROR-CRT-56-001 staffing | Assign engineering owner, scope kickoff, and start assembler implementation. | Needs Mirror/Exporter/AirGap leadership approval. | 2025-11-15 | Mirror Creator Guild · Exporter Guild |
|
||||
|
||||
### Dependency status watchlist (2025-11-13)
|
||||
|
||||
| Dependency | Status | Impacted work | Owner(s) / follow-up |
|
||||
| --- | --- | --- | --- |
|
||||
| SBOM/CLI/Policy/DevOps deliverables (SBOM-AIAI-31-001/003, CLI-VULN-29-001, CLI-VEX-30-001, POLICY-ENGINE-31-001, DEVOPS-AIAI-31-001) | ETAs requested for 2025-11-14. | DOCS-AIAI-31-004/005/006/008/009, SBOM-AIAI-31-003, AIAI-31-008. | SBOM Service · CLI · Policy · DevOps guilds |
|
||||
| Link-Not-Merge schema (CONCELIER-LNM-21-001..003, CONCELIER-GRAPH-21-001/002, CARTO-GRAPH-21-002) | Review on 2025-11-14. | CONCELIER-AIAI-31-002, CONCELIER-AIRGAP-56..58, EXCITITOR-AIAI-31-002/003/004, EXCITITOR-ATTEST-*, Mirror consumers. | Concelier Core · Cartographer Guild · Platform Events Guild |
|
||||
| Connector refreshes (FEEDCONN-ICSCISA-02-012 / FEEDCONN-KISA-02-008) | Overdue since 2025-10-23/24. | Advisory AI feed coverage + telemetry accuracy. | Concelier Feed Owners |
|
||||
| MIRROR-CRT-56-001 staffing | Owner not yet assigned; kickoff moved to 2025-11-15. | Entire Mirror wave + Export Center + AirGap Time work. | Mirror Creator Guild · Exporter Guild · AirGap Time Guild |
|
||||
| Evidence Locker attestation contract | Drafting; needs Excititor + Concelier alignment. | EXCITITOR-ATTEST-* and CONCELIER-ATTEST-73-001/002. | Evidence Locker Guild · Excititor Guild · Concelier Guild |
|
||||
|
||||
### Upcoming checkpoints (2025-11-13 → 2025-11-15)
|
||||
|
||||
| Date (UTC) | Session | Goal / expected exit | Impacted wave(s) | Prep owner(s) |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| 2025-11-14 | Advisory AI customer surfaces follow-up | Capture SBOM/CLI/Policy/DevOps ETAs so DOCS-AIAI backlog can resume. | 110.A | Advisory AI · SBOM · CLI · Policy · DevOps guild leads |
|
||||
| 2025-11-14 | Link-Not-Merge schema review | Approve CARTO-GRAPH-21-002 + CONCELIER-GRAPH-21-001/002 payloads, document migration. | 110.B · 110.C | Concelier Core · Cartographer Guild · SBOM Service Guild |
|
||||
| 2025-11-15 | Excititor attestation sequencing | Sequence EXCITITOR-AIAI-31-002/003 and slot EXCITITOR-ATTEST-01-003 / 73-001 / 73-002 with Evidence Locker. | 110.C | Excititor Web/Core · Evidence Locker Guild |
|
||||
| 2025-11-15 | Mirror evidence kickoff | Assign MIRROR-CRT-56-001 owner, confirm EXPORT-OBS/AIRGAP-TIME staffing, outline DSSE/TUF + OCI milestones. | 110.D | Mirror Creator · Exporter · AirGap Time · Security guilds |
|
||||
|
||||
### Meeting prep checklist
|
||||
|
||||
| Session | Pre-reads / artifacts | Open questions | Prep owner(s) |
|
||||
| --- | --- | --- | --- |
|
||||
| Advisory AI customer surfaces (2025-11-14) | SBOM-AIAI-31-001 projection draft, CLI-VULN/CLI-VEX scope notes, POLICY-ENGINE-31-001 knob proposal, DEVOPS-AIAI-31-001 runbook outline. | Exact delivery dates for each artifact? Any blockers requiring interim screenshots or mock SBOM data? | Advisory AI Guild · SBOM Service · CLI · Policy · DevOps guilds |
|
||||
| Link-Not-Merge schema review (2025-11-14) | Latest `CONCELIER-GRAPH-21-001/002` + `CARTO-GRAPH-21-002` payloads, migration guide draft, event contract examples. | Are there unresolved fields/tenant tags? How will backfill/replay be handled? Do Advisory AI consumers need an adapter? | Concelier Core · Cartographer Guild · SBOM Service Guild · Platform Events Guild |
|
||||
| Excititor attestation sequencing (2025-11-15) | EXCITITOR-AIAI-31-002/003 design notes, Evidence Locker contract draft, attestation backlog order (`EXCITITOR-ATTEST-*`). | Which attestation payload ships first? What telemetry/rollout gates are required? How will Evidence Locker validate manifests? | Excititor Web/Core · Evidence Locker Guild |
|
||||
| Mirror evidence kickoff (2025-11-15) | MIRROR-CRT-56-001 scope brief, EXPORT-OBS-51/54 staffing plan, AIRGAP-TIME-57-001 requirements, DSSE/TUF design outline. | Who owns MIRROR-CRT-56-001? Can Export/AirGap lend engineers immediately? Do we need interim manual bundles before assembler lands? | Mirror Creator · Exporter · AirGap Time · Security guilds |
|
||||
|
||||
### Target outcomes (through 2025-11-15)
|
||||
|
||||
| Deliverable | Target date | Status | Dependencies / notes |
|
||||
| --- | --- | --- | --- |
|
||||
| DOCS-AIAI-31-004 publication | 2025-11-15 | DOING | Needs Console screenshots + SBOM feeds once SBOM/CLI ETAs are confirmed. |
|
||||
| SBOM/CLI/Policy/DevOps ETA commitments | 2025-11-14 | PENDING | Advisory AI follow-up must end with written delivery dates. |
|
||||
| Link-Not-Merge schema approval | 2025-11-14 | PENDING | Requires agreement on CONCELIER-GRAPH-21-001/002 + CARTO-GRAPH-21-002 payloads. |
|
||||
| Excititor attestation sequencing plan | 2025-11-15 | PENDING | Dependent on Evidence Locker contract + attestation backlog ordering. |
|
||||
| MIRROR-CRT-56-001 owner assignment | 2025-11-15 | PENDING | Must exit kickoff with named engineer + sprint scope. |
|
||||
|
||||
### Awaiting updates (blocking follow-ups)
|
||||
|
||||
| Update needed | Why it matters | Requested from | When requested |
|
||||
| --- | --- | --- | --- |
|
||||
| Written SBOM-AIAI-31-001/003, CLI-VULN-29-001, CLI-VEX-30-001, POLICY-ENGINE-31-001, DEVOPS-AIAI-31-001 ETAs | Unblocks DOCS-AIAI-31-004/005/006/008/009 and SBOM-AIAI-31-003 | SBOM Service, CLI, Policy, DevOps guild leads | 2025-11-13 stand-up |
|
||||
| Confirmation that Link-Not-Merge pre-read comments are resolved | Determines whether schema can be approved on 2025-11-14 | Concelier Core · Cartographer Guild · SBOM Service Guild | 2025-11-13 meeting prep |
|
||||
| Evidence Locker sign-off on attestation contract draft | Required before Excititor attestation sequencing on 2025-11-15 | Evidence Locker Guild | 2025-11-13 |
|
||||
| Mirror/Exporter leadership agreement on MIRROR-CRT-56-001 owner | Without it, the 2025-11-15 kickoff has no accountable engineer | Mirror Creator Guild · Exporter Guild · AirGap Time Guild | 2025-11-13 |
|
||||
|
||||
### Pre-read distribution status (as of 2025-11-13 22:31 UTC)
|
||||
|
||||
| Session | Pre-read packet | Status | Owner(s) |
|
||||
| --- | --- | --- | --- |
|
||||
| Advisory AI follow-up (2025-11-14) | SBOM kit draft + CLI/Policy/DevOps notes | Docs compiled; waiting for guild leads to append ETA fields before sharing. | Advisory AI Guild |
|
||||
| Link-Not-Merge review (2025-11-14) | Schema redlines + migration doc | Circulated to Concelier/Cartographer/SBOM; comments due morning of 2025-11-14. | Concelier Core · Cartographer Guild |
|
||||
| Excititor attestation sequencing (2025-11-15) | Evidence Locker contract draft + backlog order | Draft complete; Evidence Locker reviewing telemetry requirements. | Excititor Web/Core · Evidence Locker Guild |
|
||||
| Mirror kickoff (2025-11-15) | MIRROR-CRT-56-001 scope brief + staffing proposal | Outline sent to Mirror/Exporter leadership; pending confirmation of available engineers. | Mirror Creator Guild · Exporter Guild |
|
||||
|
||||
### Decisions needed (before 2025-11-15)
|
||||
|
||||
| Decision | Blocking work | Accountable owner(s) | Due date |
|
||||
| --- | --- | --- | --- |
|
||||
| Provide SBOM/CLI/Policy/DevOps delivery dates | DOCS-AIAI-31-004/005/006/008/009, SBOM-AIAI-31-003, AIAI-31-008 | SBOM Service · CLI · Policy · DevOps guilds | 2025-11-14 |
|
||||
| Approve Link-Not-Merge + CARTO schema | CONCELIER-AIAI-31-002, EXCITITOR-AIAI-31-002/003/004, air-gap + attestation tasks | Concelier Core · Cartographer Guild · SBOM Service Guild | 2025-11-14 |
|
||||
| Assign MIRROR-CRT-56-001 owner | All Mirror/Export/AirGap downstream work | Mirror Creator Guild · Exporter Guild · AirGap Time Guild | 2025-11-15 |
|
||||
| Confirm Evidence Locker attestation scope | EXCITITOR-ATTEST-* and CONCELIER-ATTEST-73-001/002 | Evidence Locker Guild · Excititor Guild · Concelier Guild | 2025-11-15 |
|
||||
| Approve DOCS-AIAI-31-004 screenshot plan | Publication of console guardrail doc | Docs Guild · Console Guild | 2025-11-15 |
|
||||
|
||||
### Action item tracker (status as of 2025-11-13)
|
||||
|
||||
| Item | Status | Next step | Owner(s) | Due |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| SBOM-AIAI-31-001 projection kit | Pending ETA | Provide delivery date + artifact checklist during 2025-11-14 call. | SBOM Service Guild | 2025-11-14 |
|
||||
| CLI-VULN-29-001 / CLI-VEX-30-001 scope alignment | In progress | Confirm parameter set + release vehicle to unblock docs. | CLI Guild | 2025-11-14 |
|
||||
| POLICY-ENGINE-31-001 guardrail knob | Drafting | Share config snippet + rollout plan with Advisory AI. | Policy Guild | 2025-11-14 |
|
||||
| DEVOPS-AIAI-31-001 deployment runbooks | Not started | Outline automation coverage and ops checklist. | DevOps Guild | 2025-11-15 |
|
||||
| Link-Not-Merge schema redlines | Circulated | Sign off during 2025-11-14 review, publish migration notes. | Concelier Core · Cartographer Guild · SBOM Service Guild | 2025-11-14 |
|
||||
| MIRROR-CRT-56-001 staffing plan | Not started | Name owner + confirm initial sprint scope. | Mirror Creator Guild · Exporter Guild | 2025-11-15 |
|
||||
|
||||
### Standup agenda (2025-11-13)
|
||||
|
||||
| Track | Questions to cover | Owner ready to report |
|
||||
| --- | --- | --- |
|
||||
| 110.A Advisory AI | Are SBOM/CLI/Policy/DevOps guilds ready to commit ETAs so DOCS-AIAI backlog can resume? | Advisory AI Guild · Docs Guild |
|
||||
| 110.B Concelier | Link-Not-Merge review prep status and connector refresh recovery plan? | Concelier Core · Concelier WebService Guilds |
|
||||
| 110.C Excititor | Evidence Locker contract + attestation sequencing ready for 2025-11-15 session? | Excititor Web/Core Guilds · Evidence Locker Guild |
|
||||
| 110.D Mirror | Who is owning MIRROR-CRT-56-001 and what runway is needed? | Mirror Creator Guild · Exporter Guild |
|
||||
| Cross-track | Any new risks requiring leadership escalation before 2025-11-14 checkpoints? | Sprint 110 leads |
|
||||
|
||||
### Standup agenda (2025-11-14)
|
||||
|
||||
| Track | Confirmation needed | Follow-ups if “no” | Reporter |
|
||||
| --- | --- | --- | --- |
|
||||
| 110.A Advisory AI | Did SBOM/CLI/Policy/DevOps provide ETAs + artifact checklists? | Escalate to guild leads immediately; flag DOCS backlog as red. | Advisory AI Guild |
|
||||
| 110.B Concelier | Is Link-Not-Merge schema ready for review (no open comments)? | Capture blockers, inform Cartographer + Advisory AI, update schema review agenda. | Concelier Core |
|
||||
| 110.C Excititor | Has Evidence Locker ack’d the attestation contract + backlog order? | Schedule follow-up session pre-15th; unblock by providing interim contract. | Excititor Web/Core |
|
||||
| 110.D Mirror | Is MIRROR-CRT-56-001 owner confirmed before kickoff? | Escalate to Mirror/Exporter leadership; re-plan kickoff if still unstaffed. | Mirror Creator Guild |
|
||||
| Cross-track | Any new dependencies discovered that affect Nov 15 deliverables? | Add to Awaiting Updates + contingency plan. | Sprint 110 leads |
|
||||
|
||||
### Standup agenda (2025-11-15)
|
||||
|
||||
| Track | Key question | Owner ready to report |
|
||||
| --- | --- | --- |
|
||||
| 110.A Advisory AI | Did SBOM/CLI/Policy/DevOps artifacts land and unblock DOCS/SBOM backlog? | Advisory AI Guild · Docs Guild |
|
||||
| 110.B Concelier | Were Link-Not-Merge schemas approved and migrations kicked off? | Concelier Core · Cartographer Guild |
|
||||
| 110.C Excititor | Is the attestation sequencing plan locked with Evidence Locker sign-off? | Excititor Web/Core Guilds · Evidence Locker Guild |
|
||||
| 110.D Mirror | Is MIRROR-CRT-56-001 staffed with a sprint plan after kickoff? | Mirror Creator Guild · Exporter Guild · AirGap Time Guild |
|
||||
| Cross-track | Any spillover risks or re-scoping needed after the checkpoints? | Sprint 110 leads |
|
||||
|
||||
### Outcome capture template (use after Nov 14–15 checkpoints)
|
||||
|
||||
| Session | Date | Outcome | Follow-up tasks |
|
||||
| --- | --- | --- | --- |
|
||||
| Advisory AI follow-up | 2025-11-14 | _TBD_ | _TBD_ |
|
||||
| Link-Not-Merge review | 2025-11-14 | _TBD_ | _TBD_ |
|
||||
| Excititor attestation sequencing | 2025-11-15 | _TBD_ | _TBD_ |
|
||||
| Mirror evidence kickoff | 2025-11-15 | _TBD_ | _TBD_ |
|
||||
|
||||
### Contingency playbook (reviewed 2025-11-13)
|
||||
|
||||
| Risk trigger | Immediate response | Owner | Escalation window |
|
||||
| --- | --- | --- | --- |
|
||||
| Link-Not-Merge review slips | Document unresolved schema fields, escalate to runtime governance, evaluate interim adapter for Advisory AI. | Concelier Core · Cartographer Guild | Escalate by 2025-11-15 governance call. |
|
||||
| SBOM/CLI/Policy/DevOps ETAs miss 2025-11-14 | Flag DOCS-AIAI backlog as “red”, source temporary screenshots/mock data, escalate to Advisory AI leadership. | Docs Guild · Advisory AI Guild | Escalate by 2025-11-15 stand-up. |
|
||||
| MIRROR-CRT-56-001 still unstaffed on 2025-11-15 | Reassign engineers from Export/Excititor backlog, drop lower-priority Mirror scope, publish revised schedule. | Mirror Creator Guild · Exporter Guild · AirGap Time Guild | Escalate by 2025-11-15 kickoff retro. |
|
||||
| Connector refreshes slip another week | Limit Advisory AI exposure to stale feeds, publish customer comms, add feeds to incident review. | Concelier Feed Owners | Escalate by 2025-11-18. |
|
||||
| Evidence Locker contract stalls | Delay attestation tasks, focus on telemetry/docs, involve Platform Governance. | Evidence Locker Guild · Excititor Guild | Escalate by 2025-11-17. |
|
||||
|
||||
## Downstream dependencies (2025-11-13)
|
||||
|
||||
| Wave | Dependent sprint(s) | Impact if delayed |
|
||||
| --- | --- | --- |
|
||||
| 110.A AdvisoryAI | Advisory AI customer rollout (Docs, Console, CLI), `SPRINT_120_excititor_ii.md`, `SPRINT_140_runtime_signals.md` | SBOM/CLI/Policy/DevOps lag keeps Advisory AI docs + guardrails blocked and stalls downstream Scanner/Policy/Vuln Explorer adoption. |
|
||||
| 110.B Concelier | `SPRINT_140_runtime_signals.md`, `SPRINT_185_shared_replay_primitives.md`, Concelier console/air-gap/attest waves | Link-Not-Merge schema + observation APIs gate Concelier graph, telemetry, and orchestrator waves; Console/advisor UIs stay blocked. |
|
||||
| 110.C Excititor | `SPRINT_120_excititor_ii.md` → `SPRINT_124_excititor_vi.md` | VEX chunk/attestation phases cannot progress until chunk/telemetry deliverables land, delaying Lens, Policy, and Advisory AI parity. |
|
||||
| 110.D Mirror | `SPRINT_125_mirror.md` | Export Center, CLI, and air-gap bundles rely on MIRROR-CRT-56-001; no downstream mirror automation can begin until the deterministic assembler is complete. |
|
||||
|
||||
## Interlocks & owners (2025-11-13)
|
||||
|
||||
| Interlock | Participants | Needed artifact(s) | Status / notes |
|
||||
| --- | --- | --- | --- |
|
||||
| Advisory AI customer surfaces | Advisory AI Guild · SBOM Service Guild · CLI Guild · Policy Guild · DevOps Guild | `SBOM-AIAI-31-001`, `SBOM-AIAI-31-003`, `CLI-VULN-29-001`, `CLI-VEX-30-001`, `POLICY-ENGINE-31-001`, `DEVOPS-AIAI-31-001` | ETAs due 2025-11-14 to unblock DOCS-AIAI backlog and SBOM-AIAI-31-003. |
|
||||
| Link-Not-Merge contract | Concelier Core/WebService Guilds · Cartographer Guild · Platform Events Guild | `CONCELIER-LNM-21-001`→`21-203`, `CARTO-GRAPH-21-002`, `CONCELIER-GRAPH-21-001/002`, `CONCELIER-CONSOLE-23-001..003` | Schema review on 2025-11-14 to unblock CONCELIER-AIAI-31-002/003 and downstream console/air-gap tasks. |
|
||||
| VEX justification + attestation | Excititor Web/Core Guilds · Observability Guild · Evidence Locker Guild · Cartographer Guild | `EXCITITOR-AIAI-31-001`→`31-004`, `EXCITITOR-ATTEST-01-003`, `EXCITITOR-ATTEST-73-001/002`, `EXCITITOR-AIRGAP-56/57/58-*`, `EXCITITOR-CONN-TRUST-01-001` | Attestation sequencing meeting on 2025-11-15 to finalize Evidence Locker contract + backlog order. |
|
||||
| Mirror evidence kickoff | Mirror Creator Guild · Exporter Guild · AirGap Time Guild · Security Guild · CLI Guild | `MIRROR-CRT-56/57/58-*`, `EXPORT-OBS-51-001`, `EXPORT-OBS-54-001`, `AIRGAP-TIME-57-001`, `CLI-AIRGAP-56-001`, `PROV-OBS-53-001` | Kickoff scheduled 2025-11-15; objective is to assign MIRROR-CRT-56-001 owner and confirm downstream staffing. |
|
||||
|
||||
## Coordination log
|
||||
|
||||
| Date | Notes |
|
||||
| --- | --- |
|
||||
| 2025-11-13 | Snapshot, wave tracker, decision/action lists, and contingency plan refreshed ahead of 2025-11-14/15 checkpoints; awaiting SBOM/CLI/Policy/DevOps ETAs, Link-Not-Merge approval, and Mirror staffing outcomes. |
|
||||
| 2025-11-09 | Sprint file captured initial wave detail references, interlocks, and risks pending SBOM/CLI/POLICY/DevOps, Link-Not-Merge, Excititor justification, and Mirror assembler commitments. |
|
||||
|
||||
## Risk log (2025-11-13)
|
||||
|
||||
| Risk | Impact | Mitigation / owner |
|
||||
| --- | --- | --- |
|
||||
| SBOM/CLI/Policy/DevOps deliverables slip past 2025-11-14 | Advisory AI docs + SBOM feeds remain blocked, delaying customer rollout + dependent sprints. | Capture ETAs during 2025-11-14 interlock; escalate to Advisory AI leadership if not committed. |
|
||||
| Link-Not-Merge schema delays (`CONCELIER-LNM-21-*`, `CARTO-GRAPH-21-002`) | Concelier/Excititor evidence APIs, console views, and air-gap tracks cannot progress; Advisory AI loses deterministic feeds. | Land schema review on 2025-11-14; publish migration plan and unblock CONCELIER-AIAI-31-002 + EXCITITOR-AIAI-31-002 immediately after approval. |
|
||||
| Excititor attestation backlog stalls | Advisory AI cannot cite VEX evidence; attestation + air-gap tasks idle; Mirror parity slips. | Use 2025-11-15 sequencing session to lock order, then reserve engineering capacity for attestation tickets. |
|
||||
| Mirror assembler lacks staffing (`MIRROR-CRT-56-001`) | DSSE/TUF, OCI/time-anchor, CLI, Export Center automations cannot start, blocking Sprint 125 altogether. | Assign owner during 2025-11-15 kickoff; reallocate Export/AirGap engineers if no volunteer surfaces. |
|
||||
| Connector provenance refreshes remain overdue | Advisory AI may serve stale evidence for ICSCISA/KISA feeds. | Feed owners to publish remediation plan and temporary mitigations by 2025-11-15 stand-up. |
|
||||
22
docs/implplan/archived/SPRINT_125_mirror_2025-11-13.md
Normal file
22
docs/implplan/archived/SPRINT_125_mirror_2025-11-13.md
Normal file
@@ -0,0 +1,22 @@
|
||||
# Sprint 125 - Ingestion & Evidence · 110.D) Mirror
|
||||
|
||||
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
|
||||
|
||||
[Ingestion & Evidence] 110.D) Mirror
|
||||
Depends on: Sprint 100.A - Attestor
|
||||
Summary: Ingestion & Evidence focus on Mirror.
|
||||
Task ID | State | Task description | Owners (Source)
|
||||
--- | --- | --- | ---
|
||||
MIRROR-CRT-56-001 | TODO | Implement deterministic bundle assembler supporting advisories, VEX, policy packs with Zstandard compression and manifest generation. Dependencies: EXPORT-OBS-51-001. | Mirror Creator Guild (src/Mirror/StellaOps.Mirror.Creator)
|
||||
MIRROR-CRT-56-002 | TODO | Integrate DSSE signing and TUF metadata generation (`root`, `snapshot`, `timestamp`, `targets`). Dependencies: MIRROR-CRT-56-001, PROV-OBS-53-001. | Mirror Creator Guild, Security Guild (src/Mirror/StellaOps.Mirror.Creator)
|
||||
MIRROR-CRT-57-001 | TODO | Add optional OCI image collection producing oci-archive layout with digests recorded in manifest. Dependencies: MIRROR-CRT-56-001. | Mirror Creator Guild, DevOps Guild (src/Mirror/StellaOps.Mirror.Creator)
|
||||
MIRROR-CRT-57-002 | TODO | Embed signed time anchor metadata (`meta/time-anchor.json`) sourced from trusted authority. Dependencies: MIRROR-CRT-56-002, AIRGAP-TIME-57-001. | Mirror Creator Guild, AirGap Time Guild (src/Mirror/StellaOps.Mirror.Creator)
|
||||
MIRROR-CRT-58-001 | TODO | Deliver CLI `stella mirror create|verify` commands with content selection flags, delta mode, and dry-run verification. Dependencies: MIRROR-CRT-56-002, CLI-AIRGAP-56-001. | Mirror Creator Guild, CLI Guild (src/Mirror/StellaOps.Mirror.Creator)
|
||||
MIRROR-CRT-58-002 | TODO | Integrate with Export Center scheduling to automate mirror bundle creation with audit logs. Dependencies: MIRROR-CRT-56-002, EXPORT-OBS-54-001. | Mirror Creator Guild, Exporter Guild (src/Mirror/StellaOps.Mirror.Creator)
|
||||
|
||||
|
||||
If all tasks are done - read next sprint section - SPRINT_120_policy_reasoning.md
|
||||
|
||||
> 2025-11-04: AIAI-31-004A DONE – WebService/Worker wiring plus filesystem queue operational; metrics/logs added; tests executed via `dotnet test src/AdvisoryAI/__Tests/StellaOps.AdvisoryAI.Tests/StellaOps.AdvisoryAI.Tests.csproj --no-restore`.
|
||||
|
||||
> 2025-11-04: AIAI-31-006 DONE – REST endpoints enforce scope headers, apply rate limits, sanitize prompts through guardrails, and enqueue execution with cached metadata.
|
||||
@@ -0,0 +1,12 @@
|
||||
# Sprint 300 - Documentation & Process
|
||||
|
||||
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
|
||||
|
||||
This file now only tracks the documentation & process status snapshot. Active backlog lives in Sprint 301 and later files.
|
||||
|
||||
## Wave coordination
|
||||
|
||||
| Wave | Guild owners | Shared prerequisites | Status | Notes |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| 200.A Docs Tasks.md ladder | Docs Guild · Ops Guild (for air-gap content) | Sprint 100.A – Attestor; Sprint 110.A – AdvisoryAI; Sprint 120.A – AirGap; Sprint 130.A – Scanner; Sprint 140.A – Graph; Sprint 150.A – Orchestrator; Sprint 160.A – EvidenceLocker; Sprint 170.A – Notifier; Sprint 180.A – CLI; Sprint 190.A – Ops Deployment | DOING | 2025-11-13 – Kicked off implplan restructuring, aligning sprint files to topic-oriented template and dependency rules. Tasks Md.I must flip to DOING first; each subsequent Md stage depends on the prior file, so keep sequencing strict. |
|
||||
| 200.B Module dossiers | Docs Guild · Respective Module Guilds (Authority, Concelier, etc.) | Same as above plus Ops Deployment evidence (Sprint 190.A) | TODO | Once Docs Tasks Md.I captures the updated process, we can move the per-module sprints (312‑335) to DOING in parallel; verify each module's AGENTS file before editing. |
|
||||
@@ -0,0 +1,23 @@
|
||||
# Sprint 301 - Documentation & Process · 200.A) Docs Tasks.Md.I
|
||||
|
||||
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
|
||||
|
||||
[Documentation & Process] 200.A) Docs Tasks.Md.I
|
||||
Depends on: Sprint 100.A - Attestor, Sprint 110.A - AdvisoryAI, Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph, Sprint 150.A - Orchestrator, Sprint 160.A - EvidenceLocker, Sprint 170.A - Notifier, Sprint 180.A - Cli, Sprint 190.A - Ops Deployment
|
||||
Summary: Documentation & Process focus on Docs Tasks (phase Md.I).
|
||||
Task ID | State | Task description | Owners (Source)
|
||||
--- | --- | --- | ---
|
||||
DOCS-AIAI-31-004 | DOING (2025-11-07) | Create `/docs/advisory-ai/console.md` with screenshots, a11y notes, copy-as-ticket instructions. Dependencies: DOCS-AIAI-31-003, CONSOLE-VULN-29-001, CONSOLE-VEX-30-001, EXCITITOR-CONSOLE-23-001. | Docs Guild, Console Guild (docs)
|
||||
DOCS-AIAI-31-005 | BLOCKED (2025-11-03) | Publish `/docs/advisory-ai/cli.md` covering commands, exit codes, scripting patterns. Dependencies: DOCS-AIAI-31-004, CLI-VULN-29-001, CLI-VEX-30-001. | Docs Guild, DevEx/CLI Guild (docs)
|
||||
DOCS-AIAI-31-006 | BLOCKED (2025-11-03) | Update `/docs/policy/assistant-parameters.md` covering temperature, token limits, ranking weights, TTLs. Dependencies: DOCS-AIAI-31-005, POLICY-ENGINE-31-001. | Docs Guild, Policy Guild (docs)
|
||||
DOCS-AIAI-31-008 | BLOCKED (2025-11-03) | Publish `/docs/sbom/remediation-heuristics.md` (feasibility scoring, blast radius). Dependencies: DOCS-AIAI-31-007, SBOM-AIAI-31-001. | Docs Guild, SBOM Service Guild (docs)
|
||||
DOCS-AIAI-31-009 | BLOCKED (2025-11-03) | Create `/docs/runbooks/assistant-ops.md` for warmup, cache priming, model outages, scaling. Dependencies: DOCS-AIAI-31-008, DEVOPS-AIAI-31-001. | Docs Guild, DevOps Guild (docs)
|
||||
DOCS-AIRGAP-56-001 | TODO | Publish `/docs/airgap/overview.md` outlining modes, lifecycle, responsibilities, and imposed rule banner. | Docs Guild, AirGap Controller Guild (docs)
|
||||
DOCS-AIRGAP-56-002 | TODO | Author `/docs/airgap/sealing-and-egress.md` covering network policies, EgressPolicy facade usage, and verification steps. Dependencies: DOCS-AIRGAP-56-001. | Docs Guild, DevOps Guild (docs)
|
||||
DOCS-AIRGAP-56-003 | TODO | Create `/docs/airgap/mirror-bundles.md` describing bundle format, DSSE/TUF/Merkle validation, creation/import workflows. Dependencies: DOCS-AIRGAP-56-002. | Docs Guild, Exporter Guild (docs)
|
||||
DOCS-AIRGAP-56-004 | TODO | Publish `/docs/airgap/bootstrap.md` detailing Bootstrap Pack creation, validation, and install procedures. Dependencies: DOCS-AIRGAP-56-003. | Docs Guild, Deployment Guild (docs)
|
||||
DOCS-AIRGAP-57-001 | TODO | Write `/docs/airgap/staleness-and-time.md` explaining time anchors, drift policies, staleness budgets, and UI indicators. Dependencies: DOCS-AIRGAP-56-004. | Docs Guild, AirGap Time Guild (docs)
|
||||
DOCS-AIRGAP-57-002 | TODO | Publish `/docs/console/airgap.md` covering sealed badge, import wizard, staleness dashboards. Dependencies: DOCS-AIRGAP-57-001. | Docs Guild, Console Guild (docs)
|
||||
DOCS-SCANNER-DET-01 | DOING (2025-11-09) | Author `/docs/modules/scanner/deterministic-sbom-compose.md` plus scan guide updates describing fragment DSSE, `_composition.json`, and offline verification (ties to Sprint 136 tasks). Draft spec seeded in repo; remaining work covers guide updates + review. | Docs Guild, Scanner Guild (docs)
|
||||
DOCS-POLICY-DET-01 | TODO | Extend `docs/modules/policy/architecture.md` with determinism gate semantics, SPL examples, and provenance references for UI badge/policy blockers. | Docs Guild, Policy Guild (docs)
|
||||
DOCS-CLI-DET-01 | TODO | Document new `stella sbomer` verbs (`layer`, `compose`, `drift`, `verify`) with examples, exit codes, and Offline Kit instructions in `docs/cli/commands/sbomer.md`. Dependencies: CLI-SBOM-60-001/002. | Docs Guild, DevEx/CLI Guild (docs)
|
||||
514
docs/implplan/dependency_missing.csv
Normal file
514
docs/implplan/dependency_missing.csv
Normal file
@@ -0,0 +1,514 @@
|
||||
Sprint | Task ID | Status | Missing dependency
|
||||
SPRINT_110_ingestion_evidence | AIAI-31-008 | TODO | AIAI-31-006
|
||||
SPRINT_110_ingestion_evidence | AIAI-31-008 | TODO | AIAI-31-007
|
||||
SPRINT_110_ingestion_evidence | CONCELIER-AIAI-31-002 | DOING | CARTO-GRAPH-21-002
|
||||
SPRINT_110_ingestion_evidence | CONCELIER-AIRGAP-56-001..58-001 | TODO | Evidence Locker attestation contract
|
||||
SPRINT_110_ingestion_evidence | CONCELIER-AIRGAP-56-001..58-001 | TODO | Link-Not-Merge schema
|
||||
SPRINT_110_ingestion_evidence | CONCELIER-ATTEST-73-001 | TODO | Evidence Locker contract
|
||||
SPRINT_110_ingestion_evidence | CONCELIER-CONSOLE-23-001..003 | TODO | Link-Not-Merge schema
|
||||
SPRINT_110_ingestion_evidence | EXCITITOR-AIAI-31-002 | TODO | Evidence Locker contract
|
||||
SPRINT_110_ingestion_evidence | EXCITITOR-AIAI-31-002 | TODO | Link-Not-Merge schema
|
||||
SPRINT_110_ingestion_evidence | EXCITITOR-AIRGAP-56 | TODO | Link-Not-Merge schema
|
||||
SPRINT_110_ingestion_evidence | EXCITITOR-AIRGAP-56 | TODO | attestation plan
|
||||
SPRINT_110_ingestion_evidence | EXCITITOR-ATTEST-01-003 | TODO | Evidence Locker contract
|
||||
SPRINT_110_ingestion_evidence | EXCITITOR-CONN-TRUST-01-001 | TODO | Link-Not-Merge schema
|
||||
SPRINT_110_ingestion_evidence | EXCITITOR-CONN-TRUST-01-001 | TODO | attestation plan
|
||||
SPRINT_110_ingestion_evidence | FEEDCONN-ICSCISA-02-012 | BLOCKED | Feed owner remediation plan
|
||||
SPRINT_110_ingestion_evidence | FEEDCONN-KISA-02-008 | BLOCKED | Feed owner remediation plan
|
||||
SPRINT_110_ingestion_evidence | MIRROR-CRT-56-001 | TODO | Staffing decision
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-007 | TODO | Instrument metrics (`ledger_write_latency`
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-007 | TODO | LEDGER-29-006
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-007 | TODO | Merkle anchoring alerts
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-007 | TODO | `ledger_events_total`)
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-007 | TODO | `projection_lag_seconds`
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-007 | TODO | structured logs
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-008 | TODO | Develop unit/property/integration tests
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-008 | TODO | determinism harness
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-008 | TODO | replay/restore tooling
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-009 | TODO | Merkle anchor externalization (optional)
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-009 | TODO | Provide deployment manifests (Helm/Compose)
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-009 | TODO | backup/restore guidance
|
||||
SPRINT_120_policy_reasoning | LEDGER-34-101 | TODO | Link orchestrator run ledger exports into Findings Ledger provenance chain
|
||||
SPRINT_120_policy_reasoning | LEDGER-34-101 | TODO | index by artifact hash
|
||||
SPRINT_120_policy_reasoning | LEDGER-AIRGAP-56-001 | TODO | Record bundle provenance (`bundle_id`
|
||||
SPRINT_120_policy_reasoning | LEDGER-AIRGAP-56-001 | TODO | `merkle_root`
|
||||
SPRINT_120_policy_reasoning | LEDGER-AIRGAP-56-001 | TODO | `time_anchor`) on ledger events for advisories/VEX/policies imported via Mirror Bundles
|
||||
SPRINT_120_policy_reasoning | LEDGER-AIRGAP-56-002 | TODO | Surface staleness metrics for findings
|
||||
SPRINT_120_policy_reasoning | LEDGER-AIRGAP-56-002 | TODO | block risk-critical exports when stale beyond thresholds
|
||||
SPRINT_120_policy_reasoning | LEDGER-AIRGAP-57-001 | TODO | Link findings evidence snapshots to portable evidence bundles
|
||||
SPRINT_120_policy_reasoning | LEDGER-AIRGAP-58-001 | TODO | Emit timeline events for bundle import impacts (new findings
|
||||
SPRINT_120_policy_reasoning | LEDGER-ATTEST-73-001 | TODO | Persist pointers from findings to verification reports
|
||||
SPRINT_120_policy_reasoning | LEDGER-ATTEST-73-001 | TODO | attestation envelopes for explainability
|
||||
SPRINT_121_policy_reasoning | LEDGER-ATTEST-73-002 | TODO | Enable search/filter in findings projections by verification result
|
||||
SPRINT_121_policy_reasoning | LEDGER-EXPORT-35-001 | TODO | Provide paginated streaming endpoints for advisories
|
||||
SPRINT_121_policy_reasoning | LEDGER-EXPORT-35-001 | TODO | SBOMs
|
||||
SPRINT_121_policy_reasoning | LEDGER-EXPORT-35-001 | TODO | VEX
|
||||
SPRINT_121_policy_reasoning | LEDGER-EXPORT-35-001 | TODO | findings aligned with export filters
|
||||
SPRINT_121_policy_reasoning | LEDGER-EXPORT-35-001 | TODO | including deterministic ordering
|
||||
SPRINT_121_policy_reasoning | LEDGER-EXPORT-35-001 | TODO | provenance metadata
|
||||
SPRINT_121_policy_reasoning | LEDGER-OAS-61-001 | TODO | Expand Findings Ledger OAS to include projections
|
||||
SPRINT_121_policy_reasoning | LEDGER-OAS-61-001 | TODO | evidence lookups
|
||||
SPRINT_121_policy_reasoning | LEDGER-OAS-61-001 | TODO | filter parameters with examples
|
||||
SPRINT_121_policy_reasoning | LEDGER-OAS-61-002 | TODO | Implement `/.well-known/openapi` endpoint
|
||||
SPRINT_121_policy_reasoning | LEDGER-OAS-62-001 | TODO | Provide SDK test cases for findings pagination
|
||||
SPRINT_121_policy_reasoning | LEDGER-OAS-62-001 | TODO | evidence links
|
||||
SPRINT_121_policy_reasoning | LEDGER-OAS-62-001 | TODO | filtering
|
||||
SPRINT_121_policy_reasoning | LEDGER-OAS-63-001 | TODO | Support deprecation headers
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-50-001 | TODO | Integrate telemetry core within ledger writer/projector services
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-50-001 | TODO | emitting structured logs
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-50-001 | TODO | projector replay
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-50-001 | TODO | query APIs with tenant context
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-50-001 | TODO | trace spans for ledger append
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-51-001 | TODO | Publish metrics for ledger latency
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-51-001 | TODO | event throughput
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-51-001 | TODO | policy evaluation linkage. Define SLOs (ledger append P95 < 1s
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-51-001 | TODO | projector lag
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-51-001 | TODO | replay lag < 30s) with burn-rate alerts
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-52-001 | TODO | Emit timeline events for ledger writes
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-52-001 | TODO | `ledger.projection.updated`) with trace ID
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-52-001 | TODO | policy version
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-52-001 | TODO | projector commits (`ledger.event.appended`
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-53-001 | TODO | Persist evidence bundle references (evaluation/job capsules) alongside ledger entries
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-53-001 | TODO | exposing lookup API linking findings to evidence manifests
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-54-001 | TODO | Verify attestation references for ledger-derived exports
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-54-001 | TODO | expose `/ledger/attestations` endpoint returning DSSE verification state
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-55-001 | TODO | Enhance incident mode to record additional replay diagnostics (lag traces
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-55-001 | TODO | conflict snapshots)
|
||||
SPRINT_121_policy_reasoning | LEDGER-PACKS-42-001 | TODO | CLI offline mode
|
||||
SPRINT_121_policy_reasoning | LEDGER-PACKS-42-001 | TODO | Provide snapshot/time-travel APIs
|
||||
SPRINT_121_policy_reasoning | LEDGER-PACKS-42-001 | TODO | digestable exports for task pack simulation
|
||||
SPRINT_121_policy_reasoning | LEDGER-RISK-66-001 | TODO | Add schema migrations for `risk_score`
|
||||
SPRINT_121_policy_reasoning | LEDGER-RISK-66-001 | TODO | `explanation_id`
|
||||
SPRINT_121_policy_reasoning | LEDGER-RISK-66-001 | TODO | `profile_version`
|
||||
SPRINT_121_policy_reasoning | LEDGER-RISK-66-001 | TODO | `risk_severity`
|
||||
SPRINT_121_policy_reasoning | LEDGER-RISK-66-001 | TODO | supporting indexes
|
||||
SPRINT_122_policy_reasoning | LEDGER-RISK-67-001 | TODO | Expose query APIs for scored findings with score/severity filters
|
||||
SPRINT_122_policy_reasoning | LEDGER-RISK-67-001 | TODO | pagination
|
||||
SPRINT_122_policy_reasoning | LEDGER-RISK-68-001 | TODO | Enable export of scored findings
|
||||
SPRINT_122_policy_reasoning | LEDGER-RISK-69-001 | TODO | Emit metrics/dashboards for scoring latency
|
||||
SPRINT_122_policy_reasoning | LEDGER-RISK-69-001 | TODO | result freshness
|
||||
SPRINT_122_policy_reasoning | LEDGER-RISK-69-001 | TODO | severity distribution
|
||||
SPRINT_122_policy_reasoning | LEDGER-TEN-48-001 | TODO | Partition ledger tables by tenant/project
|
||||
SPRINT_122_policy_reasoning | LEDGER-TEN-48-001 | TODO | enable RLS
|
||||
SPRINT_122_policy_reasoning | LEDGER-TEN-48-001 | TODO | stamp audit metadata
|
||||
SPRINT_122_policy_reasoning | LEDGER-TEN-48-001 | TODO | update queries/events
|
||||
SPRINT_123_policy_reasoning | EXPORT-CONSOLE-23-001 | TODO | Build evidence bundle/export generator producing signed manifests
|
||||
SPRINT_123_policy_reasoning | EXPORT-CONSOLE-23-001 | TODO | CSV/JSON replay endpoints
|
||||
SPRINT_123_policy_reasoning | EXPORT-CONSOLE-23-001 | TODO | expose progress telemetry
|
||||
SPRINT_123_policy_reasoning | EXPORT-CONSOLE-23-001 | TODO | integrate with scheduler jobs
|
||||
SPRINT_123_policy_reasoning | EXPORT-CONSOLE-23-001 | TODO | trace attachments
|
||||
SPRINT_123_policy_reasoning | POLICY-AIRGAP-56-001 | TODO | Support policy pack imports from Mirror Bundles
|
||||
SPRINT_123_policy_reasoning | POLICY-AIRGAP-56-001 | TODO | ensure deterministic caching
|
||||
SPRINT_123_policy_reasoning | POLICY-AIRGAP-56-001 | TODO | track `bundle_id` metadata
|
||||
SPRINT_123_policy_reasoning | POLICY-AIRGAP-57-001 | TODO | Enforce sealed-mode guardrails in evaluation (no outbound fetch)
|
||||
SPRINT_123_policy_reasoning | POLICY-AIRGAP-57-002 | TODO | Annotate rule explanations with staleness information
|
||||
SPRINT_123_policy_reasoning | POLICY-AIRGAP-57-002 | TODO | fallback data (cached EPSS
|
||||
SPRINT_123_policy_reasoning | POLICY-AOC-19-001 | TODO | Add Roslyn/CI lint preventing ingestion projects from referencing Policy merge/severity helpers
|
||||
SPRINT_123_policy_reasoning | POLICY-AOC-19-001 | TODO | block forbidden writes at compile time
|
||||
SPRINT_123_policy_reasoning | POLICY-AOC-19-003 | TODO | Update readers/processors to consume only `content.raw`
|
||||
SPRINT_123_policy_reasoning | POLICY-AOC-19-003 | TODO | `identifiers`
|
||||
SPRINT_123_policy_reasoning | POLICY-AOC-19-003 | TODO | `linkset`. Remove dependencies on legacy normalized fields
|
||||
SPRINT_123_policy_reasoning | POLICY-AOC-19-004 | TODO | Add regression tests ensuring policy derived outputs remain deterministic when ingesting revised raw docs (supersedes)
|
||||
SPRINT_123_policy_reasoning | POLICY-ATTEST-73-001 | TODO | Introduce VerificationPolicy object: schema
|
||||
SPRINT_123_policy_reasoning | POLICY-ATTEST-73-001 | TODO | lifecycle
|
||||
SPRINT_123_policy_reasoning | POLICY-ATTEST-73-001 | TODO | persistence
|
||||
SPRINT_123_policy_reasoning | POLICY-ATTEST-73-001 | TODO | versioning
|
||||
SPRINT_123_policy_reasoning | POLICY-ATTEST-73-002 | TODO | Provide Policy Studio editor with validation
|
||||
SPRINT_123_policy_reasoning | POLICY-ATTEST-73-002 | TODO | dry-run simulation
|
||||
SPRINT_123_policy_reasoning | POLICY-ATTEST-74-001 | TODO | Integrate verification policies into attestor verification pipeline with caching
|
||||
SPRINT_123_policy_reasoning | POLICY-CONSOLE-23-001 | TODO | Optimize findings/explain APIs for Console: cursor-based pagination at scale
|
||||
SPRINT_123_policy_reasoning | POLICY-CONSOLE-23-001 | TODO | aggregation hints for dashboard cards. Ensure deterministic ordering
|
||||
SPRINT_123_policy_reasoning | POLICY-CONSOLE-23-001 | TODO | expose provenance refs
|
||||
SPRINT_123_policy_reasoning | POLICY-CONSOLE-23-001 | TODO | global filter parameters (severity bands
|
||||
SPRINT_123_policy_reasoning | POLICY-CONSOLE-23-001 | TODO | policy version
|
||||
SPRINT_123_policy_reasoning | POLICY-CONSOLE-23-001 | TODO | rule trace summarization
|
||||
SPRINT_123_policy_reasoning | POLICY-CONSOLE-23-001 | TODO | time window)
|
||||
SPRINT_124_policy_reasoning | POLICY-CONSOLE-23-002 | TODO | Produce simulation diff metadata (before/after counts
|
||||
SPRINT_124_policy_reasoning | POLICY-CONSOLE-23-002 | TODO | approval state endpoints consumed by Console policy workspace
|
||||
SPRINT_124_policy_reasoning | POLICY-CONSOLE-23-002 | TODO | rule impact summaries)
|
||||
SPRINT_124_policy_reasoning | POLICY-CONSOLE-23-002 | TODO | severity deltas
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-002 | BLOCKED | Build deterministic evaluator honoring lexical/priority order
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-002 | BLOCKED | first-match semantics
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-002 | BLOCKED | safe value types (no wall-clock/network access)
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-003 | TODO | Implement selection joiners resolving SBOM↔advisory↔VEX tuples using linksets
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-003 | TODO | PURL equivalence tables
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-004 | TODO | Ship materialization writer that upserts into `effective_finding_{policyId}` with append-only history
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-004 | TODO | tenant scoping
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-005 | TODO | Enforce determinism guard banning wall-clock
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-005 | TODO | RNG
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-006 | TODO | Implement incremental orchestrator reacting to advisory/vex/SBOM change streams
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-007 | TODO | Emit structured traces/logs of rule hits with sampling controls
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-007 | TODO | `vex_overrides_total`)
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-007 | TODO | metrics (`rules_fired_total`
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-008 | TODO | Add unit/property/golden/perf suites covering policy compilation
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-008 | TODO | determinism
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-008 | TODO | evaluation correctness
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-009 | TODO | Define Mongo schemas/indexes for `policies`
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-009 | TODO | `effective_finding_*`
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-009 | TODO | `policy_runs`
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-009 | TODO | implement migrations
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-27-001 | TODO | Extend compile outputs to include rule coverage metadata
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-27-001 | TODO | inline documentation
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-27-001 | TODO | rule index for editor autocomplete
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-27-001 | TODO | symbol table
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-27-002 | TODO | Enhance simulate endpoints to emit rule firing counts
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-27-002 | TODO | heatmap aggregates
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-27-002 | TODO | sampled explain traces with deterministic ordering
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-29-001 | TODO | Implement batch evaluation endpoint (`POST /policy/eval/batch`) returning determinations + rationale chain for sets of `(artifact
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-29-001 | TODO | POLICY-ENGINE-27-004
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-29-001 | TODO | advisory)` tuples
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-29-001 | TODO | purl
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-29-001 | TODO | support pagination
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-29-001 | TODO | version
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-29-002 | TODO | Provide streaming simulation API comparing two policy versions
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-29-002 | TODO | returning per-finding deltas without writes
|
||||
SPRINT_125_mirror | MIRROR-CRT-56-001 | TODO | Staffing decision
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-29-003 | TODO | Surface path/scope awareness in determinations (signal optional/dev/test downgrade
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-29-004 | TODO | Add metrics/logs for batch evaluation (latency
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-29-004 | TODO | queue depth)
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-29-004 | TODO | simulation diff counts
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-001 | TODO | Define overlay contract for graph nodes/edges (status
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-001 | TODO | expose projection API for Cartographer
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-001 | TODO | path relevance)
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-001 | TODO | rationale refs
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-001 | TODO | severity
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-002 | TODO | Implement simulation bridge returning on-the-fly overlays for Cartographer/Graph Explorer when invoking Policy Engine simulate
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-002 | TODO | ensure no writes
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-101 | TODO | Surface trust weighting configuration (issuer base weights
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-101 | TODO | recency decay
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-101 | TODO | scope adjustments) for VEX Lens via Policy Studio + API
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-101 | TODO | signature modifiers
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-31-001 | TODO | Expose policy knobs for Advisory AI (trust presets
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-31-001 | TODO | TTLs) via Policy Studio
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-31-001 | TODO | plan ranking weights
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-31-001 | TODO | temperature
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-31-001 | TODO | token limits
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-31-002 | TODO | Provide batch endpoint delivering policy context (thresholds
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-32-101 | TODO | Define orchestrator `policy_eval` job schema
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-32-101 | TODO | idempotency keys
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-33-101 | TODO | Implement orchestrator-driven policy evaluation workers using SDK heartbeats
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-33-101 | TODO | respecting throttles
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-34-101 | TODO | Publish policy run ledger exports + SLO burn-rate metrics to orchestrator
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-35-201 | TODO | Expose deterministic policy snapshot API
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-38-201 | TODO | Emit enriched policy violation events (decision rationale ids
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-40-001 | TODO | Update severity/status evaluation pipelines to consume multiple source severities per linkset
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-40-001 | TODO | preferred source
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-40-001 | TODO | supporting selection strategies (max
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-40-002 | TODO | Accept VEX linkset conflicts
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-40-002 | TODO | provide rationale references in effective findings
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-40-003 | TODO | Graph Explorer) to request policy decisions with source evidence summaries (top severity sources
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-40-003 | TODO | Provide API/SDK utilities for consumers (Web Scanner
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-001 | TODO | Implement SPL compiler: validate YAML
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-001 | TODO | canonicalize
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-001 | TODO | produce signed bundle
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-001 | TODO | store artifact in object storage
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-002 | TODO | Build runtime evaluator executing compiled plans over advisory/vex linksets + SBOM asset metadata with deterministic caching (Redis)
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-003 | TODO | Implement evaluation/compilation metrics
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-003 | TODO | `policy_compiles_total`
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-003 | TODO | structured logs (`policy_eval_seconds`
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-003 | TODO | tracing
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-004 | TODO | Build event pipeline: subscribe to linkset/SBOM updates
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-004 | TODO | schedule re-eval jobs
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-005 | TODO | Design
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-005 | TODO | TTL
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-005 | TODO | `policy_artifacts` collections with indexes
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-005 | TODO | `policy_revisions`
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-005 | TODO | `policy_runs`
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-005 | TODO | implement `policy_packs`
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-006 | TODO | Implement explainer persistence + retrieval APIs linking decisions to explanation tree
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-007 | TODO | Provide evaluation worker host/DI wiring
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-60-001 | TODO | Maintain Redis effective decision maps per asset/snapshot for Graph overlays
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-60-001 | TODO | implement versioning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-60-002 | TODO | Expose simulation bridge for Graph What-if APIs
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-60-002 | TODO | supporting hypothetical SBOM diffs
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-002 | TODO | Design
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-002 | TODO | `exception_bindings`) with indexes
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-002 | TODO | `exception_reviews`
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-002 | TODO | create Mongo collections (`exceptions`
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-002 | TODO | migrations
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-004 | TODO | Extend metrics/tracing/logging for exception application (latency
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-004 | TODO | counts
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-004 | TODO | expiring events)
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-005 | TODO | Provide APIs/workers hook for exception activation/expiry (auto start/end)
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-80-001 | TODO | Integrate reachability/exploitability inputs into evaluation pipeline (state/score/confidence) with caching
|
||||
SPRINT_126_policy_reasoning | POLICY-RISK-90-001 | TODO | Ingest entropy penalty inputs from Scanner (`entropy.report.json`
|
||||
SPRINT_126_policy_reasoning | POLICY-RISK-90-001 | TODO | `layer_summary.json`)
|
||||
SPRINT_126_policy_reasoning | POLICY-RISK-90-001 | TODO | expose explanations/metrics for opaque ratio penalties (`docs/modules/scanner/entropy.md`).
|
||||
SPRINT_126_policy_reasoning | POLICY-RISK-90-001 | TODO | extend trust algebra with configurable weights/caps
|
||||
SPRINT_127_policy_reasoning | POLICY-ENGINE-80-002 | TODO | Create joining layer to read `reachability_facts` efficiently (indexes
|
||||
SPRINT_127_policy_reasoning | POLICY-ENGINE-80-002 | TODO | projections)
|
||||
SPRINT_127_policy_reasoning | POLICY-ENGINE-80-003 | TODO | Extend SPL predicates/actions to reference reachability state/score/confidence
|
||||
SPRINT_127_policy_reasoning | POLICY-ENGINE-80-004 | TODO | Emit metrics (`policy_reachability_applied_total`
|
||||
SPRINT_127_policy_reasoning | POLICY-ENGINE-80-004 | TODO | `policy_reachability_cache_hit_ratio`)
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-50-001 | TODO | Integrate telemetry core into policy API + worker hosts
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-50-001 | TODO | `decision_effect`
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-50-001 | TODO | `policy_version`
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-50-001 | TODO | ensuring spans/logs cover compile/evaluate flows with `tenant_id`
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-50-001 | TODO | trace IDs
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-51-001 | TODO | Emit golden-signal metrics (compile latency
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-51-001 | TODO | evaluate latency
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-51-001 | TODO | override counts)
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-51-001 | TODO | rule hits
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-52-001 | TODO | Emit timeline events `policy.evaluate.started`
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-52-001 | TODO | `policy.decision.recorded` with trace IDs
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-52-001 | TODO | `policy.evaluate.completed`
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-52-001 | TODO | input digests
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-52-001 | TODO | rule summary. Provide contract tests
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-53-001 | TODO | Produce evaluation evidence bundles (inputs slice
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-53-001 | TODO | config snapshot) through evidence locker integration
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-53-001 | TODO | engine version
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-53-001 | TODO | rule trace
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-54-001 | TODO | Generate DSSE attestations for evaluation outputs
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-54-001 | TODO | expose `/evaluations/{id}/attestation`
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-55-001 | TODO | Implement incident mode sampling overrides (full rule trace capture
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-55-001 | TODO | extended retention) with auto-activation on SLO breach
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-001 | TODO | Develop initial JSON Schema for RiskProfile (signals
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-001 | TODO | overrides) with validator stubs
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-001 | TODO | severity
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-001 | TODO | transforms
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-001 | TODO | weights
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-002 | TODO | Implement inheritance/merge logic with conflict detection
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-003 | TODO | Integrate RiskProfile schema into Policy Engine configuration
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-003 | TODO | ensuring validation
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-004 | TODO | Extend Policy libraries to load/save RiskProfile documents
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-004 | TODO | compute content hashes
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-67-001 | TODO | Integrate profile storage
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-67-002 | TODO | Implement profile lifecycle APIs (`/risk/profiles` create/publish/deprecate)
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-67-002 | TODO | Publish `.well-known/risk-profile-schema` endpoint
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-67-003 | TODO | Provide policy-layer APIs to trigger risk simulations
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-68-001 | TODO | Implement scope selectors
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-68-001 | TODO | Provide simulation API bridging Policy Studio with risk engine
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-68-001 | TODO | precedence rules
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-68-001 | TODO | returns distributions
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-68-002 | TODO | Add override/adjustment support with audit metadata
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-69-001 | TODO | Emit events/notifications on profile publish
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-69-001 | TODO | deprecate
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-001 | TODO | Define SPL v1 YAML + JSON Schema
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-001 | TODO | VEX precedence
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-001 | TODO | exceptions
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-001 | TODO | including advisory rules
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-001 | TODO | layering metadata. Publish schema resources
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-001 | TODO | severity mapping
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-001 | TODO | validation fixtures
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-002 | TODO | Implement canonicalizer that normalizes policy packs (ordering
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-002 | TODO | computes content hash
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-002 | TODO | defaults)
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-003 | TODO | Build policy layering/override engine (global/org/project/env/exception) with field-level precedence matrices
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-004 | TODO | Design explanation tree model (rule hits
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-004 | TODO | UI
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-004 | TODO | decisions)
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-004 | TODO | inputs
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-004 | TODO | persistence structures reused by runtime
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-005 | TODO | Create migration tool to snapshot existing behavior into baseline SPL packs (`org.core.baseline`)
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-005 | TODO | including policy docs
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-24-001 | TODO | Extend SPL schema to expose reachability/exploitability predicates
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-24-001 | TODO | update documentation
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-24-001 | TODO | weighting functions
|
||||
SPRINT_129_policy_reasoning | POLICY-TEN-48-001 | TODO | Add `tenant_id`/`project_id` columns
|
||||
SPRINT_129_policy_reasoning | POLICY-TEN-48-001 | TODO | emit rationale IDs including tenant metadata
|
||||
SPRINT_129_policy_reasoning | POLICY-TEN-48-001 | TODO | enable RLS
|
||||
SPRINT_129_policy_reasoning | POLICY-TEN-48-001 | TODO | update evaluators to require tenant context
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-001 | TODO | Define OpenAPI specification covering workspaces
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-001 | TODO | attestations
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-001 | TODO | promotions
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-001 | TODO | publish typed clients for Console/CLI
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-001 | TODO | reviews
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-001 | TODO | simulations
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-001 | TODO | versions
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-002 | TODO | Implement workspace storage (Mongo collections
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-002 | TODO | diff history
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-002 | TODO | object storage buckets) with CRUD endpoints
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-003 | TODO | Integrate compile endpoint: forward source bundle to Policy Engine
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-003 | TODO | persist diagnostics
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-003 | TODO | rule index
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-003 | TODO | symbol table
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-004 | TODO | Implement quick simulation API with request limits (sample size
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-004 | TODO | heatmap
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-004 | TODO | returning counts
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-004 | TODO | timeouts)
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-005 | TODO | Build batch simulation orchestration: enqueue shards
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-005 | TODO | collect partials
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-005 | TODO | reduce deltas
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-006 | TODO | Implement review workflow (comments
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-006 | TODO | required approvers
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-006 | TODO | status transitions) with audit trails
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-006 | TODO | votes
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-007 | TODO | Implement publish pipeline: sign source/compiled digests
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-007 | TODO | create attestations
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-007 | TODO | mark version immutable
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-008 | TODO | Implement promotion bindings per tenant/environment with canary subsets
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-008 | TODO | rollback path
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-009 | TODO | Instrument metrics/logs/traces (compile time
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-009 | TODO | approval latency)
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-009 | TODO | diagnostics rate
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-009 | TODO | sim queue depth
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-010 | TODO | Build unit/integration/load test suites for compile/sim/review/publish/promote flows
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-66-001 | TODO | Scaffold scoring service (job queue
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-66-001 | TODO | provider registry) with deterministic execution harness
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-66-001 | TODO | worker loop
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-66-002 | TODO | Implement default transforms (linear
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-66-002 | TODO | clamping
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-66-002 | TODO | gating
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-66-002 | TODO | logistic
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-66-002 | TODO | minmax
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-66-002 | TODO | piecewise)
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-67-001 | TODO | Integrate CVSS
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-67-001 | TODO | KEV providers pulling data from Conseiller
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-67-001 | TODO | `any`
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-67-001 | TODO | implement reducers (`max`
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-67-002 | TODO | Integrate VEX gate provider
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-67-003 | TODO | Add fix availability
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-67-003 | TODO | asset criticality
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-68-001 | TODO | Persist scoring results + explanation pointers to Findings Ledger
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-68-002 | TODO | Expose APIs (`/risk/jobs`
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-68-002 | TODO | `/risk/results/{id}/explanation`)
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-68-002 | TODO | `/risk/results`
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-68-002 | TODO | filtering
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-68-002 | TODO | include pagination
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-69-001 | TODO | Implement simulation mode producing distributions
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-69-002 | TODO | Add telemetry (spans
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-69-002 | TODO | cache hits
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-69-002 | TODO | job throughput
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-69-002 | TODO | logs) for provider latency
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-69-002 | TODO | metrics
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-70-001 | TODO | Support offline provider bundles with manifest verification
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-70-002 | TODO | Integrate runtime evidence provider
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-001 | TODO | CycloneDX VEX (status mapping
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-001 | TODO | Implement normalization pipeline for CSAF VEX
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-001 | TODO | OpenVEX
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-001 | TODO | justification mapping
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-001 | TODO | product tree parsing)
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-002 | TODO | CPE2.3
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-003 | TODO | DSSE
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-003 | TODO | Integrate signature verification (Ed25519
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-003 | TODO | PKIX) using issuer keys
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-003 | TODO | annotate evidence with verification state
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-004 | TODO | Implement trust weighting engine (issuer base weights
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-004 | TODO | justification modifiers
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-004 | TODO | recency decay
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-004 | TODO | signature modifiers
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-005 | TODO | AFFECTED
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-005 | TODO | DISPUTED
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-005 | TODO | FIXED
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-005 | TODO | Implement consensus algorithm producing `consensus_state`
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-005 | TODO | UNDER_INVESTIGATION
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-005 | TODO | `confidence`
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-005 | TODO | `quorum`
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-005 | TODO | `rationale`
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-005 | TODO | `weights`
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-005 | TODO | support states: NOT_AFFECTED
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-006 | TODO | Materialize consensus projection storage with idempotent workers triggered by VEX/Policy changes
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-007 | TODO | Expose APIs (`/vex/consensus`
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-007 | TODO | `/vex/consensus/export`) with pagination
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-007 | TODO | `/vex/consensus/query`
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-007 | TODO | `/vex/consensus/simulate`
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-007 | TODO | `/vex/consensus/{id}`
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-007 | TODO | cost budgets
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-008 | TODO | Integrate consensus signals with Policy Engine (thresholds
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-008 | TODO | simulation inputs)
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-008 | TODO | suppression
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-009 | TODO | Instrument metrics (`vex_consensus_compute_latency`
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-009 | TODO | `vex_consensus_disputed_total`
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-009 | TODO | `vex_signature_verification_rate`)
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-009 | TODO | structured logs
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-009 | TODO | traces
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-010 | TODO | Develop unit/property/integration/load tests (10M records)
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-010 | TODO | determinism harness
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-011 | TODO | Provide deployment manifests
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-011 | TODO | caching configuration
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-011 | TODO | offline kit seeds
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-011 | TODO | scaling guides
|
||||
SPRINT_129_policy_reasoning | VEXLENS-AIAI-31-001 | TODO | Expose consensus rationale API enhancements (policy factors
|
||||
SPRINT_129_policy_reasoning | VEXLENS-AIAI-31-001 | TODO | issuer details
|
||||
SPRINT_129_policy_reasoning | VEXLENS-AIAI-31-001 | TODO | mapping issues) for Advisory AI conflict explanations
|
||||
SPRINT_129_policy_reasoning | VEXLENS-AIAI-31-002 | TODO | Provide caching hooks for consensus lookups used by Advisory AI (batch endpoints
|
||||
SPRINT_129_policy_reasoning | VEXLENS-EXPORT-35-001 | TODO | Provide consensus snapshot API delivering deterministic JSONL (state
|
||||
SPRINT_129_policy_reasoning | VEXLENS-EXPORT-35-001 | TODO | confidence
|
||||
SPRINT_129_policy_reasoning | VEXLENS-EXPORT-35-001 | TODO | provenance) for exporter mirror bundles
|
||||
SPRINT_129_policy_reasoning | VEXLENS-ORCH-33-001 | TODO | Register `consensus_compute` job type with orchestrator
|
||||
SPRINT_129_policy_reasoning | VEXLENS-ORCH-33-001 | TODO | expose job planning hooks for consensus batches
|
||||
SPRINT_129_policy_reasoning | VEXLENS-ORCH-33-001 | TODO | integrate worker SDK
|
||||
SPRINT_129_policy_reasoning | VEXLENS-ORCH-34-001 | TODO | Emit consensus completion events into orchestrator run ledger
|
||||
SPRINT_129_policy_reasoning | VEXLENS-ORCH-34-001 | TODO | provenance chain
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-001 | TODO | Define OpenAPI spec (list/detail/query/simulation/workflow/export)
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-001 | TODO | error codes
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-001 | TODO | pagination/grouping contracts
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-001 | TODO | query JSON schema
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-002 | TODO | Implement list/query endpoints with policy parameter
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-002 | TODO | caching
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-002 | TODO | grouping
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-002 | TODO | server paging
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-003 | TODO | Implement detail endpoint aggregating evidence
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-003 | TODO | paths (Graph Explorer deep link)
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-003 | TODO | policy rationale
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-004 | TODO | Expose workflow endpoints (assign
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-004 | TODO | accept-risk
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-004 | TODO | comment
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-004 | TODO | target-fix
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-004 | TODO | verify-fix
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-005 | TODO | Implement simulation endpoint comparing `policy_from` vs `policy_to`
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-005 | TODO | returning diffs without side effects
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-006 | TODO | Integrate resolver results with Graph Explorer: include shortest path metadata
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-006 | TODO | line up deep-link parameters
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-007 | TODO | Enforce RBAC/ABAC scopes
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-007 | TODO | implement CSRF/anti-forgery checks for Console
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-007 | TODO | secure attachment URLs
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-008 | TODO | Build export orchestrator producing signed bundles (manifest
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-008 | TODO | NDJSON
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-008 | TODO | checksums
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-008 | TODO | signature). Integrate with Findings Ledger for evidence
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-009 | TODO | Instrument metrics (`vuln_list_latency`
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-009 | TODO | `vuln_export_duration`
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-009 | TODO | `vuln_simulation_latency`
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-009 | TODO | `vuln_workflow_events_total`)
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-009 | TODO | structured logs
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-009 | TODO | traces
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-010 | TODO | Provide unit/integration/perf tests (5M findings)
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-010 | TODO | fuzz query validation
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-011 | TODO | CI smoke
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-011 | TODO | Package deployment (Helm/Compose)
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-011 | TODO | health checks
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-011 | TODO | offline kit steps
|
||||
SPRINT_131_scanner_surface | SCANNER-ANALYZERS-DENO-26-009 | TODO | SCANNER-ANALYZERS-DENO-26-008
|
||||
SPRINT_131_scanner_surface | SCANNER-ANALYZERS-JAVA-21-005 | TODO | —
|
||||
SPRINT_131_scanner_surface | SCANNER-ANALYZERS-LANG-11-001 | TODO | SCANNER-ANALYZERS-LANG-10-309
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NATIVE-20-001 | TODO | —
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NODE-22-001 | TODO | —
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-PHP-27-001 | TODO | —
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PYTHON-23-001 | TODO | —
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-RUBY-28-001 | TODO | —
|
||||
SPRINT_135_scanner_surface | SCANNER-ENTRYTRACE-18-502 | TODO | SCANNER-ENTRYTRACE-18-508
|
||||
SPRINT_136_scanner_surface | SCANNER-ENG-0020 | TODO | —
|
||||
SPRINT_136_scanner_surface | SCANNER-ENG-0021 | TODO | —
|
||||
SPRINT_136_scanner_surface | SCANNER-ENG-0022 | TODO | —
|
||||
SPRINT_136_scanner_surface | SCANNER-ENG-0023 | TODO | —
|
||||
SPRINT_136_scanner_surface | SCANNER-ENG-0024 | TODO | —
|
||||
SPRINT_136_scanner_surface | SCANNER-ENG-0025 | TODO | —
|
||||
SPRINT_136_scanner_surface | SCANNER-ENG-0026 | TODO | —
|
||||
SPRINT_136_scanner_surface | SCANNER-ENG-0027 | TODO | —
|
||||
SPRINT_136_scanner_surface | SCANNER-ENV-01 | TODO | —
|
||||
SPRINT_136_scanner_surface | SCANNER-EVENTS-16-301 | BLOCKED | —
|
||||
SPRINT_136_scanner_surface | SCANNER-GRAPH-21-001 | TODO | —
|
||||
SPRINT_136_scanner_surface | SCANNER-LNM-21-001 | TODO | —
|
||||
SPRINT_136_scanner_surface | SCANNER-SECRETS-03 | TODO | SCANNER-SECRETS-02
|
||||
SPRINT_136_scanner_surface | SCANNER-SURFACE-04 | TODO | SCANNER-SURFACE-01
|
||||
SPRINT_136_scanner_surface | SCHED-SURFACE-02 | TODO | SURFACE-FS-02
|
||||
SPRINT_136_scanner_surface | SURFACE-FS-03 | TODO | SURFACE-FS-02
|
||||
SPRINT_136_scanner_surface | SURFACE-FS-04 | TODO | SURFACE-FS-02
|
||||
SPRINT_136_scanner_surface | SURFACE-FS-06 | TODO | SURFACE-FS-02..05
|
||||
SPRINT_136_scanner_surface | SURFACE-SECRETS-01 | DOING | —
|
||||
SPRINT_136_scanner_surface | SURFACE-VAL-01 | DOING | SURFACE-FS-01
|
||||
SPRINT_136_scanner_surface | SURFACE-VAL-02 | TODO | SURFACE-FS-02
|
||||
SPRINT_136_scanner_surface | ZASTAVA-SURFACE-02 | TODO | SURFACE-FS-02
|
||||
SPRINT_138_scanner_ruby_parity | SCANNER-ENG-0008 | TODO | —
|
||||
SPRINT_138_scanner_ruby_parity | SCANNER-ENG-0010 | TODO | SCANNER-ANALYZERS-PHP-27-001..012
|
||||
SPRINT_138_scanner_ruby_parity | SCANNER-ENG-0011 | TODO | —
|
||||
SPRINT_138_scanner_ruby_parity | SCANNER-ENG-0012 | TODO | —
|
||||
SPRINT_138_scanner_ruby_parity | SCANNER-ENG-0013 | TODO | —
|
||||
SPRINT_138_scanner_ruby_parity | SCANNER-ENG-0014 | TODO | —
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-004 | DOING | DOCS-AIAI-31-003
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-008 | BLOCKED | DOCS-AIAI-31-007
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIRGAP-56-001 | TODO | —
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-POLICY-DET-01 | TODO | POLICY-DET backlog
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-SCANNER-DET-01 | DOING | Sprint 136 outputs
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-SCANNER-DET-01 | DOING | scanner determinism fixtures
|
||||
|
290
docs/implplan/dependency_open.csv
Normal file
290
docs/implplan/dependency_open.csv
Normal file
@@ -0,0 +1,290 @@
|
||||
Sprint | Task ID | Status | Blocking dependency | Dep status | Dep sprint
|
||||
SPRINT_110_ingestion_evidence | AIRGAP-TIME-57-001 | TODO | MIRROR-CRT-56-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_110_ingestion_evidence | CONCELIER-AIAI-31-002 | DOING | CONCELIER-GRAPH-21-001 | BLOCKED | SPRINT_113_concelier_ii
|
||||
SPRINT_110_ingestion_evidence | CONCELIER-ATTEST-73-001 | TODO | CONCELIER-AIAI-31-002 | DOING | SPRINT_110_ingestion_evidence
|
||||
SPRINT_110_ingestion_evidence | DOCS-AIAI-31-004 | DOING | CONSOLE-VEX-30-001 | DOING | SPRINT_212_web_i
|
||||
SPRINT_110_ingestion_evidence | DOCS-AIAI-31-004 | DOING | CONSOLE-VULN-29-001 | DOING | SPRINT_212_web_i
|
||||
SPRINT_110_ingestion_evidence | DOCS-AIAI-31-004 | DOING | SBOM-AIAI-31-001 | TODO | SPRINT_140_runtime_signals
|
||||
SPRINT_110_ingestion_evidence | DOCS-AIAI-31-005 | BLOCKED | CLI-VEX-30-001 | TODO | SPRINT_205_cli_v
|
||||
SPRINT_110_ingestion_evidence | DOCS-AIAI-31-005 | BLOCKED | CLI-VULN-29-001 | TODO | SPRINT_205_cli_v
|
||||
SPRINT_110_ingestion_evidence | DOCS-AIAI-31-005 | BLOCKED | DEVOPS-AIAI-31-001 | TODO | SPRINT_503_ops_devops_i
|
||||
SPRINT_110_ingestion_evidence | DOCS-AIAI-31-005 | BLOCKED | DOCS-AIAI-31-004 | DOING | SPRINT_110_ingestion_evidence
|
||||
SPRINT_110_ingestion_evidence | DOCS-AIAI-31-005 | BLOCKED | POLICY-ENGINE-31-001 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_110_ingestion_evidence | EXCITITOR-AIAI-31-003 | TODO | EXCITITOR-AIAI-31-002 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_110_ingestion_evidence | EXCITITOR-AIAI-31-004 | TODO | EXCITITOR-AIAI-31-002 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_110_ingestion_evidence | EXCITITOR-ATTEST-01-003 | TODO | EXCITITOR-AIAI-31-002 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_110_ingestion_evidence | EXPORT-OBS-51-001 | TODO | MIRROR-CRT-56-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_110_ingestion_evidence | MIRROR-CRT-56-002 | TODO | MIRROR-CRT-56-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_110_ingestion_evidence | MIRROR-CRT-56-002 | TODO | PROV-OBS-53-001 | TODO | SPRINT_125_mirror
|
||||
SPRINT_110_ingestion_evidence | MIRROR-CRT-57-001 | TODO | AIRGAP-TIME-57-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_110_ingestion_evidence | MIRROR-CRT-57-001 | TODO | MIRROR-CRT-56-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_110_ingestion_evidence | MIRROR-CRT-58-001 | TODO | CLI-AIRGAP-56-001 | TODO | SPRINT_125_mirror
|
||||
SPRINT_110_ingestion_evidence | MIRROR-CRT-58-001 | TODO | EXPORT-OBS-54-001 | TODO | SPRINT_163_exportcenter_ii
|
||||
SPRINT_110_ingestion_evidence | MIRROR-CRT-58-001 | TODO | MIRROR-CRT-56-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_110_ingestion_evidence | SBOM-AIAI-31-003 | BLOCKED | CLI-VEX-30-001 | TODO | SPRINT_205_cli_v
|
||||
SPRINT_110_ingestion_evidence | SBOM-AIAI-31-003 | BLOCKED | CLI-VULN-29-001 | TODO | SPRINT_205_cli_v
|
||||
SPRINT_110_ingestion_evidence | SBOM-AIAI-31-003 | BLOCKED | SBOM-AIAI-31-001 | TODO | SPRINT_140_runtime_signals
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-008 | TODO | LEDGER-29-007 | TODO | SPRINT_120_policy_reasoning
|
||||
SPRINT_120_policy_reasoning | LEDGER-29-009 | TODO | LEDGER-29-008 | TODO | SPRINT_120_policy_reasoning
|
||||
SPRINT_120_policy_reasoning | LEDGER-34-101 | TODO | LEDGER-29-009 | TODO | SPRINT_120_policy_reasoning
|
||||
SPRINT_120_policy_reasoning | LEDGER-AIRGAP-56-002 | TODO | LEDGER-AIRGAP-56-001 | TODO | SPRINT_120_policy_reasoning
|
||||
SPRINT_120_policy_reasoning | LEDGER-AIRGAP-57-001 | TODO | LEDGER-AIRGAP-56-002 | TODO | SPRINT_120_policy_reasoning
|
||||
SPRINT_120_policy_reasoning | LEDGER-AIRGAP-58-001 | TODO | LEDGER-AIRGAP-57-001 | TODO | SPRINT_120_policy_reasoning
|
||||
SPRINT_121_policy_reasoning | LEDGER-ATTEST-73-002 | TODO | LEDGER-ATTEST-73-001 | TODO | SPRINT_120_policy_reasoning
|
||||
SPRINT_121_policy_reasoning | LEDGER-OAS-61-002 | TODO | LEDGER-OAS-61-001 | TODO | SPRINT_121_policy_reasoning
|
||||
SPRINT_121_policy_reasoning | LEDGER-OAS-62-001 | TODO | LEDGER-OAS-61-002 | TODO | SPRINT_121_policy_reasoning
|
||||
SPRINT_121_policy_reasoning | LEDGER-OAS-63-001 | TODO | LEDGER-OAS-62-001 | TODO | SPRINT_121_policy_reasoning
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-51-001 | TODO | LEDGER-OBS-50-001 | TODO | SPRINT_121_policy_reasoning
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-52-001 | TODO | LEDGER-OBS-51-001 | TODO | SPRINT_121_policy_reasoning
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-53-001 | TODO | LEDGER-OBS-52-001 | TODO | SPRINT_121_policy_reasoning
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-54-001 | TODO | LEDGER-OBS-53-001 | TODO | SPRINT_121_policy_reasoning
|
||||
SPRINT_121_policy_reasoning | LEDGER-OBS-55-001 | TODO | LEDGER-OBS-54-001 | TODO | SPRINT_121_policy_reasoning
|
||||
SPRINT_121_policy_reasoning | LEDGER-RISK-66-002 | TODO | LEDGER-RISK-66-001 | TODO | SPRINT_121_policy_reasoning
|
||||
SPRINT_122_policy_reasoning | LEDGER-RISK-67-001 | TODO | LEDGER-RISK-66-002 | TODO | SPRINT_121_policy_reasoning
|
||||
SPRINT_122_policy_reasoning | LEDGER-RISK-68-001 | TODO | LEDGER-RISK-67-001 | TODO | SPRINT_122_policy_reasoning
|
||||
SPRINT_122_policy_reasoning | LEDGER-RISK-69-001 | TODO | LEDGER-RISK-68-001 | TODO | SPRINT_122_policy_reasoning
|
||||
SPRINT_123_policy_reasoning | POLICY-AIRGAP-56-002 | TODO | POLICY-AIRGAP-56-001 | TODO | SPRINT_123_policy_reasoning
|
||||
SPRINT_123_policy_reasoning | POLICY-AIRGAP-57-001 | TODO | POLICY-AIRGAP-56-002 | TODO | SPRINT_123_policy_reasoning
|
||||
SPRINT_123_policy_reasoning | POLICY-AIRGAP-57-002 | TODO | POLICY-AIRGAP-57-001 | TODO | SPRINT_123_policy_reasoning
|
||||
SPRINT_123_policy_reasoning | POLICY-AIRGAP-58-001 | TODO | POLICY-AIRGAP-57-002 | TODO | SPRINT_123_policy_reasoning
|
||||
SPRINT_123_policy_reasoning | POLICY-AOC-19-002 | TODO | POLICY-AOC-19-001 | TODO | SPRINT_123_policy_reasoning
|
||||
SPRINT_123_policy_reasoning | POLICY-AOC-19-003 | TODO | POLICY-AOC-19-002 | TODO | SPRINT_123_policy_reasoning
|
||||
SPRINT_123_policy_reasoning | POLICY-AOC-19-004 | TODO | POLICY-AOC-19-003 | TODO | SPRINT_123_policy_reasoning
|
||||
SPRINT_123_policy_reasoning | POLICY-ATTEST-73-002 | TODO | POLICY-ATTEST-73-001 | TODO | SPRINT_123_policy_reasoning
|
||||
SPRINT_123_policy_reasoning | POLICY-ATTEST-74-001 | TODO | POLICY-ATTEST-73-002 | TODO | SPRINT_123_policy_reasoning
|
||||
SPRINT_123_policy_reasoning | POLICY-ATTEST-74-002 | TODO | POLICY-ATTEST-74-001 | TODO | SPRINT_123_policy_reasoning
|
||||
SPRINT_124_policy_reasoning | POLICY-CONSOLE-23-002 | TODO | POLICY-CONSOLE-23-001 | TODO | SPRINT_123_policy_reasoning
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-003 | TODO | POLICY-ENGINE-20-002 | BLOCKED | SPRINT_124_policy_reasoning
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-004 | TODO | POLICY-ENGINE-20-003 | TODO | SPRINT_124_policy_reasoning
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-005 | TODO | POLICY-ENGINE-20-004 | TODO | SPRINT_124_policy_reasoning
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-006 | TODO | POLICY-ENGINE-20-005 | TODO | SPRINT_124_policy_reasoning
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-007 | TODO | POLICY-ENGINE-20-006 | TODO | SPRINT_124_policy_reasoning
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-008 | TODO | POLICY-ENGINE-20-007 | TODO | SPRINT_124_policy_reasoning
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-20-009 | TODO | POLICY-ENGINE-20-008 | TODO | SPRINT_124_policy_reasoning
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-27-001 | TODO | POLICY-ENGINE-20-009 | TODO | SPRINT_124_policy_reasoning
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-27-002 | TODO | POLICY-ENGINE-27-001 | TODO | SPRINT_124_policy_reasoning
|
||||
SPRINT_124_policy_reasoning | POLICY-ENGINE-29-002 | TODO | POLICY-ENGINE-29-001 | TODO | SPRINT_124_policy_reasoning
|
||||
SPRINT_125_mirror | AIRGAP-TIME-57-001 | TODO | MIRROR-CRT-56-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_125_mirror | AIRGAP-TIME-57-001 | TODO | MIRROR-CRT-57-002 | TODO | SPRINT_125_mirror
|
||||
SPRINT_125_mirror | CLI-AIRGAP-56-001 | TODO | MIRROR-CRT-56-002 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_125_mirror | CLI-AIRGAP-56-001 | TODO | MIRROR-CRT-58-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_125_mirror | EXPORT-OBS-51-001 | TODO | MIRROR-CRT-56-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_125_mirror | MIRROR-CRT-56-002 | TODO | MIRROR-CRT-56-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_125_mirror | MIRROR-CRT-56-002 | TODO | PROV-OBS-53-001 | TODO | SPRINT_125_mirror
|
||||
SPRINT_125_mirror | MIRROR-CRT-57-001 | TODO | MIRROR-CRT-56-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_125_mirror | MIRROR-CRT-57-002 | TODO | AIRGAP-TIME-57-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_125_mirror | MIRROR-CRT-57-002 | TODO | MIRROR-CRT-56-002 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_125_mirror | MIRROR-CRT-58-001 | TODO | CLI-AIRGAP-56-001 | TODO | SPRINT_125_mirror
|
||||
SPRINT_125_mirror | MIRROR-CRT-58-001 | TODO | MIRROR-CRT-56-002 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_125_mirror | MIRROR-CRT-58-002 | TODO | EXPORT-OBS-54-001 | TODO | SPRINT_163_exportcenter_ii
|
||||
SPRINT_125_mirror | MIRROR-CRT-58-002 | TODO | MIRROR-CRT-56-002 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_125_mirror | PROV-OBS-53-001 | TODO | MIRROR-CRT-56-001 | TODO | SPRINT_110_ingestion_evidence
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-29-003 | TODO | POLICY-ENGINE-29-002 | TODO | SPRINT_124_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-29-004 | TODO | POLICY-ENGINE-29-003 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-001 | TODO | POLICY-ENGINE-29-004 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-002 | TODO | POLICY-ENGINE-30-001 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-003 | TODO | POLICY-ENGINE-30-002 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-30-101 | TODO | POLICY-ENGINE-30-003 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-31-001 | TODO | POLICY-ENGINE-30-101 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-31-002 | TODO | POLICY-ENGINE-31-001 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-32-101 | TODO | POLICY-ENGINE-31-002 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-33-101 | TODO | POLICY-ENGINE-32-101 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-34-101 | TODO | POLICY-ENGINE-33-101 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-35-201 | TODO | POLICY-ENGINE-34-101 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-38-201 | TODO | POLICY-ENGINE-35-201 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-40-001 | TODO | POLICY-ENGINE-38-201 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_125_policy_reasoning | POLICY-ENGINE-40-002 | TODO | POLICY-ENGINE-40-001 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-40-003 | TODO | POLICY-ENGINE-40-002 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-001 | TODO | POLICY-ENGINE-40-003 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-002 | TODO | POLICY-ENGINE-50-001 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-003 | TODO | POLICY-ENGINE-50-002 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-004 | TODO | POLICY-ENGINE-50-003 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-005 | TODO | POLICY-ENGINE-50-004 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-006 | TODO | POLICY-ENGINE-50-005 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-50-007 | TODO | POLICY-ENGINE-50-006 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-60-001 | TODO | POLICY-ENGINE-50-007 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-60-002 | TODO | POLICY-ENGINE-60-001 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-002 | TODO | POLICY-ENGINE-60-002 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-003 | TODO | POLICY-ENGINE-70-002 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-004 | TODO | POLICY-ENGINE-70-003 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-70-005 | TODO | POLICY-ENGINE-70-004 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_126_policy_reasoning | POLICY-ENGINE-80-001 | TODO | POLICY-ENGINE-70-005 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-ENGINE-80-002 | TODO | POLICY-ENGINE-80-001 | TODO | SPRINT_126_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-ENGINE-80-003 | TODO | POLICY-ENGINE-80-002 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-ENGINE-80-004 | TODO | POLICY-ENGINE-80-003 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-51-001 | TODO | POLICY-OBS-50-001 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-52-001 | TODO | POLICY-OBS-51-001 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-53-001 | TODO | POLICY-OBS-52-001 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-54-001 | TODO | POLICY-OBS-53-001 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-OBS-55-001 | TODO | POLICY-OBS-54-001 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-002 | TODO | POLICY-RISK-66-001 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-003 | TODO | POLICY-RISK-66-002 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-66-004 | TODO | POLICY-RISK-66-003 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-67-001 | TODO | POLICY-RISK-66-004 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_127_policy_reasoning | POLICY-RISK-67-001 | TODO | POLICY-RISK-67-001 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-67-002 | TODO | POLICY-RISK-67-001 | TODO | SPRINT_127_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-67-002 | TODO | POLICY-RISK-67-002 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-67-003 | TODO | POLICY-RISK-67-002 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-68-001 | TODO | POLICY-RISK-67-003 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-68-001 | TODO | POLICY-RISK-68-001 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-68-002 | TODO | POLICY-RISK-68-001 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-68-002 | TODO | POLICY-RISK-68-002 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-69-001 | TODO | POLICY-RISK-68-002 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-RISK-70-001 | TODO | POLICY-RISK-69-001 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-002 | TODO | POLICY-SPL-23-001 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-003 | TODO | POLICY-SPL-23-002 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-004 | TODO | POLICY-SPL-23-003 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-23-005 | TODO | POLICY-SPL-23-004 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_128_policy_reasoning | POLICY-SPL-24-001 | TODO | POLICY-SPL-23-005 | TODO | SPRINT_128_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-002 | TODO | REGISTRY-API-27-001 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-003 | TODO | REGISTRY-API-27-002 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-004 | TODO | REGISTRY-API-27-003 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-005 | TODO | REGISTRY-API-27-004 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-006 | TODO | REGISTRY-API-27-005 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-007 | TODO | REGISTRY-API-27-006 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-008 | TODO | REGISTRY-API-27-007 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-009 | TODO | REGISTRY-API-27-008 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | REGISTRY-API-27-010 | TODO | REGISTRY-API-27-009 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-66-002 | TODO | RISK-ENGINE-66-001 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-67-001 | TODO | RISK-ENGINE-66-002 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-67-002 | TODO | RISK-ENGINE-67-001 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-67-003 | TODO | RISK-ENGINE-67-002 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-68-001 | TODO | RISK-ENGINE-67-003 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-68-002 | TODO | RISK-ENGINE-68-001 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-69-001 | TODO | RISK-ENGINE-68-002 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-69-002 | TODO | RISK-ENGINE-69-001 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-70-001 | TODO | RISK-ENGINE-69-002 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | RISK-ENGINE-70-002 | TODO | RISK-ENGINE-70-001 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-002 | TODO | VEXLENS-30-001 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-003 | TODO | VEXLENS-30-002 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-004 | TODO | VEXLENS-30-003 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-005 | TODO | VEXLENS-30-004 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-006 | TODO | VEXLENS-30-005 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-007 | TODO | VEXLENS-30-006 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-008 | TODO | VEXLENS-30-007 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-009 | TODO | VEXLENS-30-008 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-010 | TODO | VEXLENS-30-009 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VEXLENS-30-011 | TODO | VEXLENS-30-010 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VEXLENS-AIAI-31-002 | TODO | VEXLENS-AIAI-31-001 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VEXLENS-ORCH-34-001 | TODO | VEXLENS-ORCH-33-001 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-002 | TODO | VULN-API-29-001 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-003 | TODO | VULN-API-29-002 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-004 | TODO | VULN-API-29-003 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-005 | TODO | VULN-API-29-004 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-006 | TODO | VULN-API-29-005 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-007 | TODO | VULN-API-29-006 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-008 | TODO | VULN-API-29-007 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-009 | TODO | VULN-API-29-008 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-010 | TODO | VULN-API-29-009 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_129_policy_reasoning | VULN-API-29-011 | TODO | VULN-API-29-010 | TODO | SPRINT_129_policy_reasoning
|
||||
SPRINT_131_scanner_surface | SCANNER-ANALYZERS-DENO-26-010 | TODO | SCANNER-ANALYZERS-DENO-26-009 | TODO | SPRINT_131_scanner_surface
|
||||
SPRINT_131_scanner_surface | SCANNER-ANALYZERS-DENO-26-011 | TODO | SCANNER-ANALYZERS-DENO-26-010 | TODO | SPRINT_131_scanner_surface
|
||||
SPRINT_131_scanner_surface | SCANNER-ANALYZERS-JAVA-21-006 | TODO | SCANNER-ANALYZERS-JAVA-21-005 | TODO | SPRINT_131_scanner_surface
|
||||
SPRINT_131_scanner_surface | SCANNER-ANALYZERS-JAVA-21-007 | TODO | SCANNER-ANALYZERS-JAVA-21-006 | TODO | SPRINT_131_scanner_surface
|
||||
SPRINT_131_scanner_surface | SCANNER-ANALYZERS-JAVA-21-008 | BLOCKED | SCANNER-ANALYZERS-JAVA-21-007 | TODO | SPRINT_131_scanner_surface
|
||||
SPRINT_131_scanner_surface | SCANNER-ANALYZERS-JAVA-21-009 | TODO | SCANNER-ANALYZERS-JAVA-21-008 | BLOCKED | SPRINT_131_scanner_surface
|
||||
SPRINT_131_scanner_surface | SCANNER-ANALYZERS-JAVA-21-010 | TODO | SCANNER-ANALYZERS-JAVA-21-009 | TODO | SPRINT_131_scanner_surface
|
||||
SPRINT_131_scanner_surface | SCANNER-ANALYZERS-JAVA-21-011 | TODO | SCANNER-ANALYZERS-JAVA-21-010 | TODO | SPRINT_131_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-LANG-11-002 | TODO | SCANNER-ANALYZERS-LANG-11-001 | TODO | SPRINT_131_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-LANG-11-003 | TODO | SCANNER-ANALYZERS-LANG-11-002 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-LANG-11-004 | TODO | SCANNER-ANALYZERS-LANG-11-003 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-LANG-11-005 | TODO | SCANNER-ANALYZERS-LANG-11-004 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NATIVE-20-002 | TODO | SCANNER-ANALYZERS-NATIVE-20-001 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NATIVE-20-003 | TODO | SCANNER-ANALYZERS-NATIVE-20-002 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NATIVE-20-004 | TODO | SCANNER-ANALYZERS-NATIVE-20-003 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NATIVE-20-005 | TODO | SCANNER-ANALYZERS-NATIVE-20-004 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NATIVE-20-006 | TODO | SCANNER-ANALYZERS-NATIVE-20-005 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NATIVE-20-007 | TODO | SCANNER-ANALYZERS-NATIVE-20-006 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NATIVE-20-008 | TODO | SCANNER-ANALYZERS-NATIVE-20-007 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NATIVE-20-009 | TODO | SCANNER-ANALYZERS-NATIVE-20-008 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NATIVE-20-010 | TODO | SCANNER-ANALYZERS-NATIVE-20-009 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NODE-22-002 | TODO | SCANNER-ANALYZERS-NODE-22-001 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NODE-22-003 | TODO | SCANNER-ANALYZERS-NODE-22-002 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NODE-22-004 | TODO | SCANNER-ANALYZERS-NODE-22-003 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_132_scanner_surface | SCANNER-ANALYZERS-NODE-22-005 | TODO | SCANNER-ANALYZERS-NODE-22-004 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-NODE-22-006 | TODO | SCANNER-ANALYZERS-NODE-22-005 | TODO | SPRINT_132_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-NODE-22-007 | TODO | SCANNER-ANALYZERS-NODE-22-006 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-NODE-22-008 | TODO | SCANNER-ANALYZERS-NODE-22-007 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-NODE-22-009 | TODO | SCANNER-ANALYZERS-NODE-22-008 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-NODE-22-010 | TODO | SCANNER-ANALYZERS-NODE-22-009 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-NODE-22-011 | TODO | SCANNER-ANALYZERS-NODE-22-010 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-NODE-22-012 | TODO | SCANNER-ANALYZERS-NODE-22-011 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-PHP-27-002 | TODO | SCANNER-ANALYZERS-PHP-27-001 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-PHP-27-003 | TODO | SCANNER-ANALYZERS-PHP-27-002 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-PHP-27-004 | TODO | SCANNER-ANALYZERS-PHP-27-003 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-PHP-27-005 | TODO | SCANNER-ANALYZERS-PHP-27-004 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-PHP-27-006 | TODO | SCANNER-ANALYZERS-PHP-27-005 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_133_scanner_surface | SCANNER-ANALYZERS-PHP-27-007 | TODO | SCANNER-ANALYZERS-PHP-27-006 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PHP-27-008 | TODO | SCANNER-ANALYZERS-PHP-27-002 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PHP-27-009 | TODO | SCANNER-ANALYZERS-PHP-27-007 | TODO | SPRINT_133_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PHP-27-010 | TODO | SCANNER-ANALYZERS-PHP-27-009 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PHP-27-011 | TODO | SCANNER-ANALYZERS-PHP-27-010 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PHP-27-012 | TODO | SCANNER-ANALYZERS-PHP-27-011 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PYTHON-23-002 | TODO | SCANNER-ANALYZERS-PYTHON-23-001 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PYTHON-23-003 | TODO | SCANNER-ANALYZERS-PYTHON-23-002 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PYTHON-23-004 | TODO | SCANNER-ANALYZERS-PYTHON-23-003 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PYTHON-23-005 | TODO | SCANNER-ANALYZERS-PYTHON-23-004 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PYTHON-23-006 | TODO | SCANNER-ANALYZERS-PYTHON-23-005 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PYTHON-23-007 | TODO | SCANNER-ANALYZERS-PYTHON-23-006 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PYTHON-23-008 | TODO | SCANNER-ANALYZERS-PYTHON-23-007 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PYTHON-23-009 | TODO | SCANNER-ANALYZERS-PYTHON-23-008 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PYTHON-23-010 | TODO | SCANNER-ANALYZERS-PYTHON-23-009 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_134_scanner_surface | SCANNER-ANALYZERS-PYTHON-23-011 | TODO | SCANNER-ANALYZERS-PYTHON-23-010 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-PYTHON-23-012 | TODO | SCANNER-ANALYZERS-PYTHON-23-011 | TODO | SPRINT_134_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-RUBY-28-002 | TODO | SCANNER-ANALYZERS-RUBY-28-001 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-RUBY-28-003 | TODO | SCANNER-ANALYZERS-RUBY-28-002 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-RUBY-28-004 | TODO | SCANNER-ANALYZERS-RUBY-28-003 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-RUBY-28-005 | TODO | SCANNER-ANALYZERS-RUBY-28-004 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-RUBY-28-006 | TODO | SCANNER-ANALYZERS-RUBY-28-005 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-RUBY-28-007 | TODO | SCANNER-ANALYZERS-RUBY-28-006 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-RUBY-28-008 | TODO | SCANNER-ANALYZERS-RUBY-28-007 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-RUBY-28-009 | TODO | SCANNER-ANALYZERS-RUBY-28-008 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-RUBY-28-010 | TODO | SCANNER-ANALYZERS-RUBY-28-009 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-RUBY-28-011 | TODO | SCANNER-ANALYZERS-RUBY-28-010 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ANALYZERS-RUBY-28-012 | TODO | SCANNER-ANALYZERS-RUBY-28-011 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_135_scanner_surface | SCANNER-ENTRYTRACE-18-503 | TODO | SCANNER-ENTRYTRACE-18-502 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_136_scanner_surface | SCANNER-EMIT-15-001 | TODO | SCANNER-SURFACE-04 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SCANNER-ENTRYTRACE-18-504 | TODO | SCANNER-ENTRYTRACE-18-503 | TODO | SPRINT_135_scanner_surface
|
||||
SPRINT_136_scanner_surface | SCANNER-ENTRYTRACE-18-505 | TODO | SCANNER-ENTRYTRACE-18-504 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SCANNER-ENTRYTRACE-18-506 | TODO | SCANNER-ENTRYTRACE-18-505 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SCANNER-ENV-02 | TODO | SCANNER-ENV-01 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SCANNER-ENV-03 | TODO | SCANNER-ENV-02 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SCANNER-LNM-21-002 | TODO | SCANNER-LNM-21-001 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SCANNER-SORT-02 | TODO | SCANNER-EMIT-15-001 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SCANNER-SURFACE-04 | TODO | SURFACE-FS-03 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SCHED-SURFACE-02 | TODO | SCHED-SURFACE-01 | TODO | SPRINT_155_scheduler_i
|
||||
SPRINT_136_scanner_surface | SURFACE-ENV-03 | TODO | SURFACE-ENV-02 | DOING | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-ENV-04 | TODO | SURFACE-ENV-02 | DOING | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-ENV-05 | TODO | SURFACE-ENV-03 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-ENV-05 | TODO | SURFACE-ENV-04 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-FS-05 | TODO | SURFACE-FS-03 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-FS-07 | TODO | SCANNER-SURFACE-04 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-SECRETS-02 | DOING | SURFACE-SECRETS-01 | DOING | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-SECRETS-03 | TODO | SURFACE-SECRETS-02 | DOING | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-SECRETS-04 | TODO | SURFACE-SECRETS-02 | DOING | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-SECRETS-05 | TODO | SURFACE-SECRETS-02 | DOING | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-SECRETS-06 | TODO | SURFACE-SECRETS-03 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-VAL-02 | TODO | SURFACE-ENV-02 | DOING | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-VAL-02 | TODO | SURFACE-VAL-01 | DOING | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-VAL-03 | TODO | SURFACE-VAL-02 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-VAL-04 | TODO | SURFACE-VAL-02 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | SURFACE-VAL-05 | TODO | SURFACE-VAL-02 | TODO | SPRINT_136_scanner_surface
|
||||
SPRINT_136_scanner_surface | ZASTAVA-SURFACE-02 | TODO | ZASTAVA-SURFACE-01 | TODO | SPRINT_140_runtime_signals
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-004 | DOING | CONSOLE-VEX-30-001 | DOING | SPRINT_212_web_i
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-004 | DOING | CONSOLE-VULN-29-001 | DOING | SPRINT_212_web_i
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-004 | DOING | EXCITITOR-CONSOLE-23-001 | TODO | SPRINT_120_excititor_ii
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-005 | BLOCKED | CLI-VEX-30-001 | TODO | SPRINT_205_cli_v
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-005 | BLOCKED | CLI-VULN-29-001 | TODO | SPRINT_205_cli_v
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-005 | BLOCKED | DOCS-AIAI-31-004 | DOING | SPRINT_110_ingestion_evidence
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-006 | BLOCKED | DOCS-AIAI-31-005 | BLOCKED | SPRINT_110_ingestion_evidence
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-006 | BLOCKED | POLICY-ENGINE-31-001 | TODO | SPRINT_125_policy_reasoning
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-008 | BLOCKED | SBOM-AIAI-31-001 | TODO | SPRINT_140_runtime_signals
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-009 | BLOCKED | DEVOPS-AIAI-31-001 | TODO | SPRINT_503_ops_devops_i
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-009 | BLOCKED | DOCS-AIAI-31-008 | BLOCKED | SPRINT_111_advisoryai
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIRGAP-56-002 | TODO | DOCS-AIRGAP-56-001 | TODO | SPRINT_301_docs_tasks_md_i
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIRGAP-56-003 | TODO | DOCS-AIRGAP-56-002 | TODO | SPRINT_301_docs_tasks_md_i
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIRGAP-56-004 | TODO | DOCS-AIRGAP-56-003 | TODO | SPRINT_301_docs_tasks_md_i
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIRGAP-57-001 | TODO | DOCS-AIRGAP-56-004 | TODO | SPRINT_301_docs_tasks_md_i
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-AIRGAP-57-002 | TODO | DOCS-AIRGAP-57-001 | TODO | SPRINT_301_docs_tasks_md_i
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-CLI-DET-01 | TODO | CLI-SBOM-60-001 | TODO | SPRINT_203_cli_iii
|
||||
SPRINT_301_docs_tasks_md_i | DOCS-CLI-DET-01 | TODO | CLI-SBOM-60-002 | TODO | SPRINT_203_cli_iii
|
||||
|
448
docs/implplan/task-status-snapshot.md
Normal file
448
docs/implplan/task-status-snapshot.md
Normal file
@@ -0,0 +1,448 @@
|
||||
| Sprint | Task ID | Status | Guild | Working directory | Known pre-requisites |
|
||||
| --- | --- | --- | --- | --- | --- |
|
||||
| SPRINT_110_ingestion_evidence | AIAI-31-008 | TODO | Advisory AI Guild | | AIAI-31-006; AIAI-31-007 |
|
||||
| SPRINT_110_ingestion_evidence | CONCELIER-AIAI-31-002 | DOING | Concelier Core · Concelier WebService Guilds | | CONCELIER-GRAPH-21-001/002; CARTO-GRAPH-21-002 |
|
||||
| SPRINT_110_ingestion_evidence | CONCELIER-AIRGAP-56-001..58-001 | TODO | Concelier Core · AirGap Guilds | | Link-Not-Merge schema; Evidence Locker attestation contract |
|
||||
| SPRINT_110_ingestion_evidence | CONCELIER-ATTEST-73-001/002 | TODO | Concelier Core · Evidence Locker Guild | | CONCELIER-AIAI-31-002; Evidence Locker contract |
|
||||
| SPRINT_110_ingestion_evidence | CONCELIER-CONSOLE-23-001..003 | TODO | Concelier Console Guild | | Link-Not-Merge schema |
|
||||
| SPRINT_110_ingestion_evidence | DOCS-AIAI-31-004 | DOING | Docs Guild · Console Guild | | CONSOLE-VULN-29-001; CONSOLE-VEX-30-001; SBOM-AIAI-31-001/003 |
|
||||
| SPRINT_110_ingestion_evidence | DOCS-AIAI-31-005/006/008/009 | BLOCKED | Docs Guild | | DOCS-AIAI-31-004; CLI-VULN-29-001; CLI-VEX-30-001; POLICY-ENGINE-31-001; DEVOPS-AIAI-31-001 |
|
||||
| SPRINT_110_ingestion_evidence | EXCITITOR-AIAI-31-002 | TODO | Excititor Web/Core Guilds | | Link-Not-Merge schema; Evidence Locker contract |
|
||||
| SPRINT_110_ingestion_evidence | EXCITITOR-AIAI-31-003 | TODO | Excititor Observability Guild | | EXCITITOR-AIAI-31-002 |
|
||||
| SPRINT_110_ingestion_evidence | EXCITITOR-AIAI-31-004 | TODO | Docs Guild · Excititor Guild | | EXCITITOR-AIAI-31-002 |
|
||||
| SPRINT_110_ingestion_evidence | EXCITITOR-AIRGAP-56/57/58 · EXCITITOR-CONN-TRUST-01-001 | TODO | Excititor Guild · AirGap Guilds | | Link-Not-Merge schema; attestation plan |
|
||||
| SPRINT_110_ingestion_evidence | EXCITITOR-ATTEST-01-003 / 73-001 / 73-002 | TODO | Excititor Guild · Evidence Locker Guild | | EXCITITOR-AIAI-31-002; Evidence Locker contract |
|
||||
| SPRINT_110_ingestion_evidence | EXPORT-OBS-51-001 / 54-001 · AIRGAP-TIME-57-001 · CLI-AIRGAP-56-001 · PROV-OBS-53-001 | TODO | Exporter Guild · AirGap Time Guild · CLI Guild | | MIRROR-CRT-56-001 staffing |
|
||||
| SPRINT_110_ingestion_evidence | FEEDCONN-ICSCISA-02-012 / FEEDCONN-KISA-02-008 | BLOCKED | Concelier Feed Owners | | Feed owner remediation plan |
|
||||
| SPRINT_110_ingestion_evidence | MIRROR-CRT-56-001 | TODO | Mirror Creator Guild | | Staffing decision |
|
||||
| SPRINT_110_ingestion_evidence | MIRROR-CRT-56-002 | TODO | Mirror Creator · Security Guilds | | MIRROR-CRT-56-001; PROV-OBS-53-001 |
|
||||
| SPRINT_110_ingestion_evidence | MIRROR-CRT-57-001/002 | TODO | Mirror Creator Guild · AirGap Time Guild | | MIRROR-CRT-56-001; AIRGAP-TIME-57-001 |
|
||||
| SPRINT_110_ingestion_evidence | MIRROR-CRT-58-001/002 | TODO | Mirror Creator Guild · CLI Guild · Exporter Guild | | MIRROR-CRT-56-001; EXPORT-OBS-54-001; CLI-AIRGAP-56-001 |
|
||||
| SPRINT_110_ingestion_evidence | SBOM-AIAI-31-003 | BLOCKED | SBOM Service Guild | | SBOM-AIAI-31-001; CLI-VULN-29-001; CLI-VEX-30-001 |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-29-007 | TODO | Findings Ledger Guild, Observability Guild | src/Findings/StellaOps.Findings.Ledger | Instrument metrics (`ledger_write_latency`, `projection_lag_seconds`, `ledger_events_total`), structured logs, and Merkle anchoring alerts; publish dashboards (Deps: LEDGER-29-006) |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-29-007/008 | TODO | Findings Ledger Guild · Observability Guild · QA Guild | | |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-29-008 | TODO | Findings Ledger Guild, QA Guild | src/Findings/StellaOps.Findings.Ledger | Develop unit/property/integration tests, replay/restore tooling, determinism harness, and load tests at 5M findings/tenant (Deps: LEDGER-29-007) |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-29-009 | TODO | Findings Ledger Guild, DevOps Guild | src/Findings/StellaOps.Findings.Ledger | Provide deployment manifests (Helm/Compose), backup/restore guidance, Merkle anchor externalization (optional), and offline kit instructions (Deps: LEDGER-29-008) |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-29-009 | TODO | Findings Ledger Guild · DevOps Guild | | |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-34-101 | TODO | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | Link orchestrator run ledger exports into Findings Ledger provenance chain, index by artifact hash, and expose audit queries (Deps: LEDGER-29-009) |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-34-101 | TODO | Findings Ledger Guild | | |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-AIRGAP-56-001 | TODO | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | Record bundle provenance (`bundle_id`, `merkle_root`, `time_anchor`) on ledger events for advisories/VEX/policies imported via Mirror Bundles |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-AIRGAP-56-002 | TODO | Findings Ledger Guild, AirGap Time Guild | src/Findings/StellaOps.Findings.Ledger | Surface staleness metrics for findings and block risk-critical exports when stale beyond thresholds; provide remediation messaging (Deps: LEDGER-AIRGAP-56-001) |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-AIRGAP-56/57/58 series | TODO | Findings Ledger Guild · AirGap Guilds · Evidence Locker Guild | | |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-AIRGAP-57-001 | TODO | Findings Ledger Guild, Evidence Locker Guild | src/Findings/StellaOps.Findings.Ledger | Link findings evidence snapshots to portable evidence bundles and ensure cross-enclave verification works (Deps: LEDGER-AIRGAP-56-002) |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-AIRGAP-58-001 | TODO | Findings Ledger Guild, AirGap Controller Guild | src/Findings/StellaOps.Findings.Ledger | Emit timeline events for bundle import impacts (new findings, remediation changes) with sealed-mode context (Deps: LEDGER-AIRGAP-57-001) |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-ATTEST-73-001 | TODO | Findings Ledger Guild, Attestor Service Guild | src/Findings/StellaOps.Findings.Ledger | Persist pointers from findings to verification reports and attestation envelopes for explainability |
|
||||
| SPRINT_120_policy_reasoning | LEDGER-ATTEST-73-001 | TODO | Findings Ledger Guild · Attestor Service Guild | | |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-ATTEST-73-002 | TODO | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | Enable search/filter in findings projections by verification result and attestation status (Deps: LEDGER-ATTEST-73-001) |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-EXPORT-35-001 | TODO | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | Provide paginated streaming endpoints for advisories, VEX, SBOMs, and findings aligned with export filters, including deterministic ordering and provenance metadata |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-OAS-61-001 | TODO | Findings Ledger Guild, API Contracts Guild | src/Findings/StellaOps.Findings.Ledger | Expand Findings Ledger OAS to include projections, evidence lookups, and filter parameters with examples |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-OAS-61-002 | TODO | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | Implement `/.well-known/openapi` endpoint and ensure version metadata matches release (Deps: LEDGER-OAS-61-001) |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-OAS-62-001 | TODO | Findings Ledger Guild, SDK Generator Guild | src/Findings/StellaOps.Findings.Ledger | Provide SDK test cases for findings pagination, filtering, evidence links; ensure typed models expose provenance (Deps: LEDGER-OAS-61-002) |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-OAS-63-001 | TODO | Findings Ledger Guild, API Governance Guild | src/Findings/StellaOps.Findings.Ledger | Support deprecation headers and Notifications for retiring finding endpoints (Deps: LEDGER-OAS-62-001) |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-OBS-50-001 | TODO | Findings Ledger Guild, Observability Guild | src/Findings/StellaOps.Findings.Ledger | Integrate telemetry core within ledger writer/projector services, emitting structured logs and trace spans for ledger append, projector replay, and query APIs with tenant context |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-OBS-51-001 | TODO | Findings Ledger Guild, DevOps Guild | src/Findings/StellaOps.Findings.Ledger | Publish metrics for ledger latency, projector lag, event throughput, and policy evaluation linkage. Define SLOs (ledger append P95 < 1s, replay lag < 30s) with burn-rate alerts and dashboards (Deps: LEDGER-OBS-50-001) |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-OBS-52-001 | TODO | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | Emit timeline events for ledger writes and projector commits (`ledger.event.appended`, `ledger.projection.updated`) with trace ID, policy version, evidence bundle reference placeholders (Deps: LEDGER-OBS-51-001) |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-OBS-53-001 | TODO | Findings Ledger Guild, Evidence Locker Guild | src/Findings/StellaOps.Findings.Ledger | Persist evidence bundle references (evaluation/job capsules) alongside ledger entries, exposing lookup API linking findings to evidence manifests and timeline (Deps: LEDGER-OBS-52-001) |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-OBS-54-001 | TODO | Findings Ledger Guild, Provenance Guild | src/Findings/StellaOps.Findings.Ledger | Verify attestation references for ledger-derived exports; expose `/ledger/attestations` endpoint returning DSSE verification state and chain-of-custody summary (Deps: LEDGER-OBS-53-001) |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-OBS-55-001 | TODO | Findings Ledger Guild, DevOps Guild | src/Findings/StellaOps.Findings.Ledger | Enhance incident mode to record additional replay diagnostics (lag traces, conflict snapshots) and extend retention while active. Emit activation events to timeline + notifier (Deps: LEDGER-OBS-54-001) |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-PACKS-42-001 | TODO | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | Provide snapshot/time-travel APIs and digestable exports for task pack simulation and CLI offline mode |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-RISK-66-001 | TODO | Findings Ledger Guild, Risk Engine Guild | src/Findings/StellaOps.Findings.Ledger | Add schema migrations for `risk_score`, `risk_severity`, `profile_version`, `explanation_id`, and supporting indexes |
|
||||
| SPRINT_121_policy_reasoning | LEDGER-RISK-66-002 | TODO | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | Implement deterministic upsert of scoring results keyed by finding hash/profile version with history audit (Deps: LEDGER-RISK-66-001) |
|
||||
| SPRINT_122_policy_reasoning | LEDGER-RISK-67-001 | TODO | Findings Ledger Guild, Risk Engine Guild | src/Findings/StellaOps.Findings.Ledger | Expose query APIs for scored findings with score/severity filters, pagination, and explainability links (Deps: LEDGER-RISK-66-002) |
|
||||
| SPRINT_122_policy_reasoning | LEDGER-RISK-68-001 | TODO | Findings Ledger Guild, Export Guild | src/Findings/StellaOps.Findings.Ledger | Enable export of scored findings and simulation results via Export Center integration (Deps: LEDGER-RISK-67-001) |
|
||||
| SPRINT_122_policy_reasoning | LEDGER-RISK-69-001 | TODO | Findings Ledger Guild, Observability Guild | src/Findings/StellaOps.Findings.Ledger | Emit metrics/dashboards for scoring latency, result freshness, severity distribution, provider gaps (Deps: LEDGER-RISK-68-001) |
|
||||
| SPRINT_122_policy_reasoning | LEDGER-TEN-48-001 | TODO | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | Partition ledger tables by tenant/project, enable RLS, update queries/events, and stamp audit metadata |
|
||||
| SPRINT_123_policy_reasoning | EXPORT-CONSOLE-23-001 | TODO | Policy Guild, Scheduler Guild, Observability Guild | src/Policy/StellaOps.Policy.Engine | Build evidence bundle/export generator producing signed manifests, CSV/JSON replay endpoints, and trace attachments; integrate with scheduler jobs and expose progress telemetry |
|
||||
| SPRINT_123_policy_reasoning | POLICY-AIRGAP-56-001 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Support policy pack imports from Mirror Bundles, track `bundle_id` metadata, and ensure deterministic caching |
|
||||
| SPRINT_123_policy_reasoning | POLICY-AIRGAP-56-002 | TODO | Policy Guild, Policy Studio Guild | src/Policy/StellaOps.Policy.Engine | Export policy sub-bundles (`stella policy bundle export`) with DSSE signatures for outbound transfer (Deps: POLICY-AIRGAP-56-001) |
|
||||
| SPRINT_123_policy_reasoning | POLICY-AIRGAP-57-001 | TODO | Policy Guild, AirGap Policy Guild | src/Policy/StellaOps.Policy.Engine | Enforce sealed-mode guardrails in evaluation (no outbound fetch), surface `AIRGAP_EGRESS_BLOCKED` errors with remediation (Deps: POLICY-AIRGAP-56-002) |
|
||||
| SPRINT_123_policy_reasoning | POLICY-AIRGAP-57-002 | TODO | Policy Guild, AirGap Time Guild | src/Policy/StellaOps.Policy.Engine | Annotate rule explanations with staleness information and fallback data (cached EPSS, vendor risk) (Deps: POLICY-AIRGAP-57-001) |
|
||||
| SPRINT_123_policy_reasoning | POLICY-AIRGAP-58-001 | TODO | Policy Guild, Notifications Guild | src/Policy/StellaOps.Policy.Engine | Emit notifications when policy packs near staleness thresholds or missing required bundles (Deps: POLICY-AIRGAP-57-002) |
|
||||
| SPRINT_123_policy_reasoning | POLICY-AOC-19-001 | TODO | Policy Guild | src/Policy/__Libraries/StellaOps.Policy | Add Roslyn/CI lint preventing ingestion projects from referencing Policy merge/severity helpers; block forbidden writes at compile time |
|
||||
| SPRINT_123_policy_reasoning | POLICY-AOC-19-002 | TODO | Policy Guild, Platform Security | src/Policy/__Libraries/StellaOps.Policy | Enforce `effective_finding_*` write gate ensuring only Policy Engine identity can create/update materializations (Deps: POLICY-AOC-19-001) |
|
||||
| SPRINT_123_policy_reasoning | POLICY-AOC-19-003 | TODO | Policy Guild | src/Policy/__Libraries/StellaOps.Policy | Update readers/processors to consume only `content.raw`, `identifiers`, and `linkset`. Remove dependencies on legacy normalized fields and refresh fixtures (Deps: POLICY-AOC-19-002) |
|
||||
| SPRINT_123_policy_reasoning | POLICY-AOC-19-004 | TODO | Policy Guild, QA Guild | src/Policy/__Libraries/StellaOps.Policy | Add regression tests ensuring policy derived outputs remain deterministic when ingesting revised raw docs (supersedes) and when violations occur (Deps: POLICY-AOC-19-003) |
|
||||
| SPRINT_123_policy_reasoning | POLICY-ATTEST-73-001 | TODO | Policy Guild, Attestor Service Guild | src/Policy/StellaOps.Policy.Engine | Introduce VerificationPolicy object: schema, persistence, versioning, and lifecycle |
|
||||
| SPRINT_123_policy_reasoning | POLICY-ATTEST-73-002 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Provide Policy Studio editor with validation, dry-run simulation, and version diff (Deps: POLICY-ATTEST-73-001) |
|
||||
| SPRINT_123_policy_reasoning | POLICY-ATTEST-74-001 | TODO | Policy Guild, Attestor Service Guild | src/Policy/StellaOps.Policy.Engine | Integrate verification policies into attestor verification pipeline with caching and waiver support (Deps: POLICY-ATTEST-73-002) |
|
||||
| SPRINT_123_policy_reasoning | POLICY-ATTEST-74-002 | TODO | Policy Guild, Console Guild | src/Policy/StellaOps.Policy.Engine | Surface policy evaluations in Console verification reports with rule explanations (Deps: POLICY-ATTEST-74-001) |
|
||||
| SPRINT_123_policy_reasoning | POLICY-CONSOLE-23-001 | TODO | Policy Guild, BE-Base Platform Guild | src/Policy/StellaOps.Policy.Engine | Optimize findings/explain APIs for Console: cursor-based pagination at scale, global filter parameters (severity bands, policy version, time window), rule trace summarization, and aggregation hints for dashboard cards. Ensure deterministic ordering and expose provenance refs |
|
||||
| SPRINT_124_policy_reasoning | POLICY-CONSOLE-23-002 | TODO | Policy Guild, Product Ops | src/Policy/StellaOps.Policy.Engine | Produce simulation diff metadata (before/after counts, severity deltas, rule impact summaries) and approval state endpoints consumed by Console policy workspace; expose RBAC-aware status transitions (Deps: POLICY-CONSOLE-23-001) |
|
||||
| SPRINT_124_policy_reasoning | POLICY-ENGINE-20-002 | BLOCKED (2025-10-26) | Policy Guild | src/Policy/StellaOps.Policy.Engine | Build deterministic evaluator honoring lexical/priority order, first-match semantics, and safe value types (no wall-clock/network access) |
|
||||
| SPRINT_124_policy_reasoning | POLICY-ENGINE-20-003 | TODO | Policy Guild, Concelier Core Guild, Excititor Core Guild | src/Policy/StellaOps.Policy.Engine | Implement selection joiners resolving SBOM↔advisory↔VEX tuples using linksets and PURL equivalence tables, with deterministic batching (Deps: POLICY-ENGINE-20-002) |
|
||||
| SPRINT_124_policy_reasoning | POLICY-ENGINE-20-004 | TODO | Policy Guild, Platform Storage Guild | src/Policy/StellaOps.Policy.Engine | Ship materialization writer that upserts into `effective_finding_{policyId}` with append-only history, tenant scoping, and trace references (Deps: POLICY-ENGINE-20-003) |
|
||||
| SPRINT_124_policy_reasoning | POLICY-ENGINE-20-005 | TODO | Policy Guild, Security Engineering | src/Policy/StellaOps.Policy.Engine | Enforce determinism guard banning wall-clock, RNG, and network usage during evaluation via static analysis + runtime sandbox (Deps: POLICY-ENGINE-20-004) |
|
||||
| SPRINT_124_policy_reasoning | POLICY-ENGINE-20-006 | TODO | Policy Guild, Scheduler Worker Guild | src/Policy/StellaOps.Policy.Engine | Implement incremental orchestrator reacting to advisory/vex/SBOM change streams and scheduling partial policy re-evaluations (Deps: POLICY-ENGINE-20-005) |
|
||||
| SPRINT_124_policy_reasoning | POLICY-ENGINE-20-007 | TODO | Policy Guild, Observability Guild | src/Policy/StellaOps.Policy.Engine | Emit structured traces/logs of rule hits with sampling controls, metrics (`rules_fired_total`, `vex_overrides_total`), and expose explain trace exports (Deps: POLICY-ENGINE-20-006) |
|
||||
| SPRINT_124_policy_reasoning | POLICY-ENGINE-20-008 | TODO | Policy Guild, QA Guild | src/Policy/StellaOps.Policy.Engine | Add unit/property/golden/perf suites covering policy compilation, evaluation correctness, determinism, and SLA targets (Deps: POLICY-ENGINE-20-007) |
|
||||
| SPRINT_124_policy_reasoning | POLICY-ENGINE-20-009 | TODO | Policy Guild, Storage Guild | src/Policy/StellaOps.Policy.Engine | Define Mongo schemas/indexes for `policies`, `policy_runs`, and `effective_finding_*`; implement migrations and tenant enforcement (Deps: POLICY-ENGINE-20-008) |
|
||||
| SPRINT_124_policy_reasoning | POLICY-ENGINE-27-001 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Extend compile outputs to include rule coverage metadata, symbol table, inline documentation, and rule index for editor autocomplete; persist deterministic hashes (Deps: POLICY-ENGINE-20-009) |
|
||||
| SPRINT_124_policy_reasoning | POLICY-ENGINE-27-002 | TODO | Policy Guild, Observability Guild | src/Policy/StellaOps.Policy.Engine | Enhance simulate endpoints to emit rule firing counts, heatmap aggregates, sampled explain traces with deterministic ordering, and delta summaries for quick/batch sims (Deps: POLICY-ENGINE-27-001) |
|
||||
| SPRINT_124_policy_reasoning | POLICY-ENGINE-29-001 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Implement batch evaluation endpoint (`POST /policy/eval/batch`) returning determinations + rationale chain for sets of `(artifact,purl,version,advisory)` tuples; support pagination and cost budgets (Deps: POLICY-ENGINE-27-004) |
|
||||
| SPRINT_124_policy_reasoning | POLICY-ENGINE-29-002 | TODO | Policy Guild, Findings Ledger Guild | src/Policy/StellaOps.Policy.Engine | Provide streaming simulation API comparing two policy versions, returning per-finding deltas without writes; align determinism with Vuln Explorer simulation (Deps: POLICY-ENGINE-29-001) |
|
||||
| SPRINT_125_mirror | AIRGAP-TIME-57-001 | TODO | AirGap Time Guild | | MIRROR-CRT-56-001; MIRROR-CRT-57-002 |
|
||||
| SPRINT_125_mirror | CLI-AIRGAP-56-001 | TODO | CLI Guild | | MIRROR-CRT-56-002; MIRROR-CRT-58-001 |
|
||||
| SPRINT_125_mirror | EXPORT-OBS-51-001 / 54-001 | TODO | Exporter Guild | | MIRROR-CRT-56-001 staffing |
|
||||
| SPRINT_125_mirror | MIRROR-CRT-56-001 | TODO | Mirror Creator Guild | | Staffing decision |
|
||||
| SPRINT_125_mirror | MIRROR-CRT-56-002 | TODO | Mirror Creator · Security Guilds | | MIRROR-CRT-56-001; PROV-OBS-53-001 |
|
||||
| SPRINT_125_mirror | MIRROR-CRT-57-001 | TODO | Mirror Creator · DevOps Guild | | MIRROR-CRT-56-001 |
|
||||
| SPRINT_125_mirror | MIRROR-CRT-57-002 | TODO | Mirror Creator · AirGap Time Guild | | MIRROR-CRT-56-002; AIRGAP-TIME-57-001 |
|
||||
| SPRINT_125_mirror | MIRROR-CRT-58-001 | TODO | Mirror Creator · CLI Guild | | MIRROR-CRT-56-002; CLI-AIRGAP-56-001 |
|
||||
| SPRINT_125_mirror | MIRROR-CRT-58-002 | TODO | Mirror Creator · Exporter Guild | | MIRROR-CRT-56-002; EXPORT-OBS-54-001 |
|
||||
| SPRINT_125_mirror | PROV-OBS-53-001 | TODO | Security Guild | | MIRROR-CRT-56-001 |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-29-003 | TODO | Policy Guild, SBOM Service Guild | src/Policy/StellaOps.Policy.Engine | Surface path/scope awareness in determinations (signal optional/dev/test downgrade, runtime boost) for Vuln Explorer display (Deps: POLICY-ENGINE-29-002) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-29-004 | TODO | Policy Guild, Observability Guild | src/Policy/StellaOps.Policy.Engine | Add metrics/logs for batch evaluation (latency, queue depth) and simulation diff counts; update dashboards (Deps: POLICY-ENGINE-29-003) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-30-001 | TODO | Policy Guild, Cartographer Guild | src/Policy/StellaOps.Policy.Engine | Define overlay contract for graph nodes/edges (status, severity, rationale refs, path relevance), expose projection API for Cartographer, and document schema versioning (Deps: POLICY-ENGINE-29-004) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-30-002 | TODO | Policy Guild, Cartographer Guild | src/Policy/StellaOps.Policy.Engine | Implement simulation bridge returning on-the-fly overlays for Cartographer/Graph Explorer when invoking Policy Engine simulate; ensure no writes and deterministic outputs (Deps: POLICY-ENGINE-30-001) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-30-003 | TODO | Policy Guild, Scheduler Guild, Cartographer Guild | src/Policy/StellaOps.Policy.Engine | Emit change events (`policy.effective.updated`) with graph-friendly payloads so Cartographer overlay worker refreshes nodes/edges within 2 minutes (Deps: POLICY-ENGINE-30-002) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-30-101 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Surface trust weighting configuration (issuer base weights, signature modifiers, recency decay, scope adjustments) for VEX Lens via Policy Studio + API; ensure deterministic evaluation (Deps: POLICY-ENGINE-30-003) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-31-001 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Expose policy knobs for Advisory AI (trust presets, temperature, token limits, plan ranking weights, TTLs) via Policy Studio and config APIs (Deps: POLICY-ENGINE-30-101) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-31-002 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Provide batch endpoint delivering policy context (thresholds, obligations) consumed by Advisory AI remediation planner (Deps: POLICY-ENGINE-31-001) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-32-101 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Define orchestrator `policy_eval` job schema, idempotency keys, and enqueue hooks triggered by advisory/VEX/SBOM events (Deps: POLICY-ENGINE-31-002) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-33-101 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Implement orchestrator-driven policy evaluation workers using SDK heartbeats, respecting throttles, and emitting SLO metrics (Deps: POLICY-ENGINE-32-101) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-34-101 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Publish policy run ledger exports + SLO burn-rate metrics to orchestrator; ensure provenance chain links to Findings Ledger (Deps: POLICY-ENGINE-33-101) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-35-201 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Expose deterministic policy snapshot API and evaluated findings stream keyed by policy version for exporter consumption (Deps: POLICY-ENGINE-34-101) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-38-201 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Emit enriched policy violation events (decision rationale ids, risk bands) via orchestrator event bus for Notifications Studio (Deps: POLICY-ENGINE-35-201) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-40-001 | TODO | Policy Guild, Concelier Guild | src/Policy/StellaOps.Policy.Engine | Update severity/status evaluation pipelines to consume multiple source severities per linkset, supporting selection strategies (max, preferred source, policy-defined) (Deps: POLICY-ENGINE-38-201) |
|
||||
| SPRINT_125_policy_reasoning | POLICY-ENGINE-40-002 | TODO | Policy Guild, Excititor Guild | src/Policy/StellaOps.Policy.Engine | Accept VEX linkset conflicts and provide rationale references in effective findings; ensure explain traces cite observation IDs (Deps: POLICY-ENGINE-40-001) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-40-003 | TODO | Policy Guild, Web Scanner Guild | src/Policy/StellaOps.Policy.Engine | Provide API/SDK utilities for consumers (Web Scanner, Graph Explorer) to request policy decisions with source evidence summaries (top severity sources, conflict counts) (Deps: POLICY-ENGINE-40-002) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-50-001 | TODO | Policy Guild, Platform Security | src/Policy/StellaOps.Policy.Engine | Implement SPL compiler: validate YAML, canonicalize, produce signed bundle, store artifact in object storage, write `policy_revisions` with AOC metadata (Deps: POLICY-ENGINE-40-003) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-50-002 | TODO | Policy Guild, Runtime Guild | src/Policy/StellaOps.Policy.Engine | Build runtime evaluator executing compiled plans over advisory/vex linksets + SBOM asset metadata with deterministic caching (Redis) and fallback path (Deps: POLICY-ENGINE-50-001) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-50-003 | TODO | Policy Guild, Observability Guild | src/Policy/StellaOps.Policy.Engine | Implement evaluation/compilation metrics, tracing, and structured logs (`policy_eval_seconds`, `policy_compiles_total`, explanation sampling) (Deps: POLICY-ENGINE-50-002) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-50-004 | TODO | Policy Guild, Platform Events Guild | src/Policy/StellaOps.Policy.Engine | Build event pipeline: subscribe to linkset/SBOM updates, schedule re-eval jobs, emit `policy.effective.updated` events with diff metadata (Deps: POLICY-ENGINE-50-003) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-50-005 | TODO | Policy Guild, Storage Guild | src/Policy/StellaOps.Policy.Engine | Design and implement `policy_packs`, `policy_revisions`, `policy_runs`, `policy_artifacts` collections with indexes, TTL, and tenant scoping (Deps: POLICY-ENGINE-50-004) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-50-006 | TODO | Policy Guild, QA Guild | src/Policy/StellaOps.Policy.Engine | Implement explainer persistence + retrieval APIs linking decisions to explanation tree and AOC chain (Deps: POLICY-ENGINE-50-005) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-50-007 | TODO | Policy Guild, Scheduler Worker Guild | src/Policy/StellaOps.Policy.Engine | Provide evaluation worker host/DI wiring and job orchestration hooks for batch re-evaluations after policy activation (Deps: POLICY-ENGINE-50-006) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-60-001 | TODO | Policy Guild, SBOM Service Guild | src/Policy/StellaOps.Policy.Engine | Maintain Redis effective decision maps per asset/snapshot for Graph overlays; implement versioning and eviction strategy (Deps: POLICY-ENGINE-50-007) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-60-002 | TODO | Policy Guild, BE-Base Platform Guild | src/Policy/StellaOps.Policy.Engine | Expose simulation bridge for Graph What-if APIs, supporting hypothetical SBOM diffs and draft policies without persisting results (Deps: POLICY-ENGINE-60-001) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-70-002 | TODO | Policy Guild, Storage Guild | src/Policy/StellaOps.Policy.Engine | Design and create Mongo collections (`exceptions`, `exception_reviews`, `exception_bindings`) with indexes and migrations; expose repository APIs (Deps: POLICY-ENGINE-60-002) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-70-003 | TODO | Policy Guild, Runtime Guild | src/Policy/StellaOps.Policy.Engine | Build Redis exception decision cache (`exceptions_effective_map`) with warm/invalidation logic reacting to `exception.*` events (Deps: POLICY-ENGINE-70-002) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-70-004 | TODO | Policy Guild, Observability Guild | src/Policy/StellaOps.Policy.Engine | Extend metrics/tracing/logging for exception application (latency, counts, expiring events) and include AOC references in logs (Deps: POLICY-ENGINE-70-003) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-70-005 | TODO | Policy Guild, Scheduler Worker Guild | src/Policy/StellaOps.Policy.Engine | Provide APIs/workers hook for exception activation/expiry (auto start/end) and event emission (`exception.activated/expired`) (Deps: POLICY-ENGINE-70-004) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-ENGINE-80-001 | TODO | Policy Guild, Signals Guild | src/Policy/StellaOps.Policy.Engine | Integrate reachability/exploitability inputs into evaluation pipeline (state/score/confidence) with caching and explain support (Deps: POLICY-ENGINE-70-005) |
|
||||
| SPRINT_126_policy_reasoning | POLICY-RISK-90-001 | TODO | Policy Guild, Scanner Guild | src/Policy/StellaOps.Policy.Engine | Ingest entropy penalty inputs from Scanner (`entropy.report.json`, `layer_summary.json`), extend trust algebra with configurable weights/caps, and expose explanations/metrics for opaque ratio penalties (`docs/modules/scanner/entropy.md`). |
|
||||
| SPRINT_127_policy_reasoning | POLICY-ENGINE-80-002 | TODO | Policy Guild, Storage Guild | src/Policy/StellaOps.Policy.Engine | Create joining layer to read `reachability_facts` efficiently (indexes, projections) and populate Redis overlay caches (Deps: POLICY-ENGINE-80-001) |
|
||||
| SPRINT_127_policy_reasoning | POLICY-ENGINE-80-003 | TODO | Policy Guild, Policy Editor Guild | src/Policy/StellaOps.Policy.Engine | Extend SPL predicates/actions to reference reachability state/score/confidence; update compiler validation (Deps: POLICY-ENGINE-80-002) |
|
||||
| SPRINT_127_policy_reasoning | POLICY-ENGINE-80-004 | TODO | Policy Guild, Observability Guild | src/Policy/StellaOps.Policy.Engine | Emit metrics (`policy_reachability_applied_total`, `policy_reachability_cache_hit_ratio`) and traces for signals usage (Deps: POLICY-ENGINE-80-003) |
|
||||
| SPRINT_127_policy_reasoning | POLICY-OBS-50-001 | TODO | Policy Guild, Observability Guild | src/Policy/StellaOps.Policy.Engine | Integrate telemetry core into policy API + worker hosts, ensuring spans/logs cover compile/evaluate flows with `tenant_id`, `policy_version`, `decision_effect`, and trace IDs |
|
||||
| SPRINT_127_policy_reasoning | POLICY-OBS-51-001 | TODO | Policy Guild, DevOps Guild | src/Policy/StellaOps.Policy.Engine | Emit golden-signal metrics (compile latency, evaluate latency, rule hits, override counts) and define SLOs (evaluation P95 <2s). Publish Grafana dashboards + burn-rate alert rules (Deps: POLICY-OBS-50-001) |
|
||||
| SPRINT_127_policy_reasoning | POLICY-OBS-52-001 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Emit timeline events `policy.evaluate.started`, `policy.evaluate.completed`, `policy.decision.recorded` with trace IDs, input digests, and rule summary. Provide contract tests and retry semantics (Deps: POLICY-OBS-51-001) |
|
||||
| SPRINT_127_policy_reasoning | POLICY-OBS-53-001 | TODO | Policy Guild, Evidence Locker Guild | src/Policy/StellaOps.Policy.Engine | Produce evaluation evidence bundles (inputs slice, rule trace, engine version, config snapshot) through evidence locker integration; ensure redaction + deterministic manifests (Deps: POLICY-OBS-52-001) |
|
||||
| SPRINT_127_policy_reasoning | POLICY-OBS-54-001 | TODO | Policy Guild, Provenance Guild | src/Policy/StellaOps.Policy.Engine | Generate DSSE attestations for evaluation outputs, expose `/evaluations/{id}/attestation`, and link attestation IDs in timeline + console. Provide verification harness (Deps: POLICY-OBS-53-001) |
|
||||
| SPRINT_127_policy_reasoning | POLICY-OBS-55-001 | TODO | Policy Guild, DevOps Guild | src/Policy/StellaOps.Policy.Engine | Implement incident mode sampling overrides (full rule trace capture, extended retention) with auto-activation on SLO breach and manual override API. Emit activation events to timeline + notifier (Deps: POLICY-OBS-54-001) |
|
||||
| SPRINT_127_policy_reasoning | POLICY-RISK-66-001 | TODO | Risk Profile Schema Guild | src/Policy/StellaOps.Policy.RiskProfile | Develop initial JSON Schema for RiskProfile (signals, transforms, weights, severity, overrides) with validator stubs |
|
||||
| SPRINT_127_policy_reasoning | POLICY-RISK-66-002 | TODO | Risk Profile Schema Guild | src/Policy/StellaOps.Policy.RiskProfile | Implement inheritance/merge logic with conflict detection and deterministic content hashing (Deps: POLICY-RISK-66-001) |
|
||||
| SPRINT_127_policy_reasoning | POLICY-RISK-66-003 | TODO | Policy Guild, Risk Profile Schema Guild | src/Policy/StellaOps.Policy.Engine | Integrate RiskProfile schema into Policy Engine configuration, ensuring validation and default profile deployment (Deps: POLICY-RISK-66-002) |
|
||||
| SPRINT_127_policy_reasoning | POLICY-RISK-66-004 | TODO | Policy Guild, Risk Profile Schema Guild | src/Policy/__Libraries/StellaOps.Policy | Extend Policy libraries to load/save RiskProfile documents, compute content hashes, and surface validation diagnostics (Deps: POLICY-RISK-66-003) |
|
||||
| SPRINT_127_policy_reasoning | POLICY-RISK-67-001 | TODO | Policy Guild, Risk Engine Guild | src/Policy/StellaOps.Policy.Engine | Trigger scoring jobs on new/updated findings via Policy Engine orchestration hooks (Deps: POLICY-RISK-66-004) |
|
||||
| SPRINT_127_policy_reasoning | POLICY-RISK-67-001 | TODO | Risk Profile Schema Guild, Policy Engine Guild | src/Policy/StellaOps.Policy.RiskProfile | Integrate profile storage and versioning into Policy Store with lifecycle states (draft/publish/deprecate) (Deps: POLICY-RISK-67-001) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-RISK-67-002 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Implement profile lifecycle APIs (`/risk/profiles` create/publish/deprecate) and scope attachment logic (Deps: POLICY-RISK-67-001) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-RISK-67-002 | TODO | Risk Profile Schema Guild | src/Policy/StellaOps.Policy.RiskProfile | Publish `.well-known/risk-profile-schema` endpoint and CLI validation tooling (Deps: POLICY-RISK-67-002) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-RISK-67-003 | TODO | Policy Guild, Risk Engine Guild | src/Policy/__Libraries/StellaOps.Policy | Provide policy-layer APIs to trigger risk simulations and return distributions/contribution breakdowns (Deps: POLICY-RISK-67-002) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-RISK-68-001 | TODO | Policy Guild, Policy Studio Guild | src/Policy/StellaOps.Policy.Engine | Provide simulation API bridging Policy Studio with risk engine; returns distributions and top movers (Deps: POLICY-RISK-67-003) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-RISK-68-001 | TODO | Risk Profile Schema Guild, Authority Guild | src/Policy/StellaOps.Policy.RiskProfile | Implement scope selectors, precedence rules, and Authority attachment APIs (Deps: POLICY-RISK-68-001) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-RISK-68-002 | TODO | Risk Profile Schema Guild | src/Policy/StellaOps.Policy.RiskProfile | Add override/adjustment support with audit metadata and validation for conflicting rules (Deps: POLICY-RISK-68-001) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-RISK-68-002 | TODO | Policy Guild, Export Guild | src/Policy/__Libraries/StellaOps.Policy | Enable exporting/importing RiskProfiles with signatures via policy tooling (CLI + API) (Deps: POLICY-RISK-68-002) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-RISK-69-001 | TODO | Policy Guild, Notifications Guild | src/Policy/StellaOps.Policy.Engine | Emit events/notifications on profile publish, deprecate, and severity threshold changes (Deps: POLICY-RISK-68-002) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-RISK-70-001 | TODO | Policy Guild, Export Guild | src/Policy/StellaOps.Policy.Engine | Support exporting/importing profiles with signatures for air-gapped bundles (Deps: POLICY-RISK-69-001) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-SPL-23-001 | TODO | Policy Guild, Language Infrastructure Guild | src/Policy/__Libraries/StellaOps.Policy | Define SPL v1 YAML + JSON Schema, including advisory rules, VEX precedence, severity mapping, exceptions, and layering metadata. Publish schema resources and validation fixtures |
|
||||
| SPRINT_128_policy_reasoning | POLICY-SPL-23-002 | TODO | Policy Guild | src/Policy/__Libraries/StellaOps.Policy | Implement canonicalizer that normalizes policy packs (ordering, defaults), computes content hash, and prepares bundle metadata for AOC/signing (Deps: POLICY-SPL-23-001) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-SPL-23-003 | TODO | Policy Guild | src/Policy/__Libraries/StellaOps.Policy | Build policy layering/override engine (global/org/project/env/exception) with field-level precedence matrices; add unit/property tests (Deps: POLICY-SPL-23-002) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-SPL-23-004 | TODO | Policy Guild, Audit Guild | src/Policy/__Libraries/StellaOps.Policy | Design explanation tree model (rule hits, inputs, decisions) and persistence structures reused by runtime, UI, and CLI (Deps: POLICY-SPL-23-003) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-SPL-23-005 | TODO | Policy Guild, DevEx Guild | src/Policy/__Libraries/StellaOps.Policy | Create migration tool to snapshot existing behavior into baseline SPL packs (`org.core.baseline`), including policy docs and sample bundles (Deps: POLICY-SPL-23-004) |
|
||||
| SPRINT_128_policy_reasoning | POLICY-SPL-24-001 | TODO | Policy Guild, Signals Guild | src/Policy/__Libraries/StellaOps.Policy | Extend SPL schema to expose reachability/exploitability predicates and weighting functions; update documentation and fixtures (Deps: POLICY-SPL-23-005) |
|
||||
| SPRINT_129_policy_reasoning | POLICY-TEN-48-001 | TODO | Policy Guild | src/Policy/StellaOps.Policy.Engine | Add `tenant_id`/`project_id` columns, enable RLS, update evaluators to require tenant context, and emit rationale IDs including tenant metadata |
|
||||
| SPRINT_129_policy_reasoning | REGISTRY-API-27-001 | TODO | Policy Registry Guild | src/Policy/StellaOps.Policy.Registry | Define OpenAPI specification covering workspaces, versions, reviews, simulations, promotions, and attestations; publish typed clients for Console/CLI |
|
||||
| SPRINT_129_policy_reasoning | REGISTRY-API-27-002 | TODO | Policy Registry Guild | src/Policy/StellaOps.Policy.Registry | Implement workspace storage (Mongo collections, object storage buckets) with CRUD endpoints, diff history, and retention policies (Deps: REGISTRY-API-27-001) |
|
||||
| SPRINT_129_policy_reasoning | REGISTRY-API-27-003 | TODO | Policy Registry Guild | src/Policy/StellaOps.Policy.Registry | Integrate compile endpoint: forward source bundle to Policy Engine, persist diagnostics, symbol table, rule index, and complexity metrics (Deps: REGISTRY-API-27-002) |
|
||||
| SPRINT_129_policy_reasoning | REGISTRY-API-27-004 | TODO | Policy Registry Guild | src/Policy/StellaOps.Policy.Registry | Implement quick simulation API with request limits (sample size, timeouts), returning counts, heatmap, sampled explains (Deps: REGISTRY-API-27-003) |
|
||||
| SPRINT_129_policy_reasoning | REGISTRY-API-27-005 | TODO | Policy Registry Guild, Scheduler Guild | src/Policy/StellaOps.Policy.Registry | Build batch simulation orchestration: enqueue shards, collect partials, reduce deltas, produce evidence bundles + signed manifest (Deps: REGISTRY-API-27-004) |
|
||||
| SPRINT_129_policy_reasoning | REGISTRY-API-27-006 | TODO | Policy Registry Guild | src/Policy/StellaOps.Policy.Registry | Implement review workflow (comments, votes, required approvers, status transitions) with audit trails and webhooks (Deps: REGISTRY-API-27-005) |
|
||||
| SPRINT_129_policy_reasoning | REGISTRY-API-27-007 | TODO | Policy Registry Guild, Security Guild | src/Policy/StellaOps.Policy.Registry | Implement publish pipeline: sign source/compiled digests, create attestations, mark version immutable, emit events (Deps: REGISTRY-API-27-006) |
|
||||
| SPRINT_129_policy_reasoning | REGISTRY-API-27-008 | TODO | Policy Registry Guild | src/Policy/StellaOps.Policy.Registry | Implement promotion bindings per tenant/environment with canary subsets, rollback path, and environment history (Deps: REGISTRY-API-27-007) |
|
||||
| SPRINT_129_policy_reasoning | REGISTRY-API-27-009 | TODO | Policy Registry Guild, Observability Guild | src/Policy/StellaOps.Policy.Registry | Instrument metrics/logs/traces (compile time, diagnostics rate, sim queue depth, approval latency) and expose dashboards (Deps: REGISTRY-API-27-008) |
|
||||
| SPRINT_129_policy_reasoning | REGISTRY-API-27-010 | TODO | Policy Registry Guild, QA Guild | src/Policy/StellaOps.Policy.Registry | Build unit/integration/load test suites for compile/sim/review/publish/promote flows; provide seeded fixtures for CI (Deps: REGISTRY-API-27-009) |
|
||||
| SPRINT_129_policy_reasoning | RISK-ENGINE-66-001 | TODO | Risk Engine Guild | src/RiskEngine/StellaOps.RiskEngine | Scaffold scoring service (job queue, worker loop, provider registry) with deterministic execution harness |
|
||||
| SPRINT_129_policy_reasoning | RISK-ENGINE-66-002 | TODO | Risk Engine Guild | src/RiskEngine/StellaOps.RiskEngine | Implement default transforms (linear, minmax, logistic, piecewise), clamping, gating, and contribution calculator (Deps: RISK-ENGINE-66-001) |
|
||||
| SPRINT_129_policy_reasoning | RISK-ENGINE-67-001 | TODO | Risk Engine Guild, Concelier Guild | src/RiskEngine/StellaOps.RiskEngine | Integrate CVSS and KEV providers pulling data from Conseiller; implement reducers (`max`, `any`, `consensus`) (Deps: RISK-ENGINE-66-002) |
|
||||
| SPRINT_129_policy_reasoning | RISK-ENGINE-67-002 | TODO | Risk Engine Guild, Excitor Guild | src/RiskEngine/StellaOps.RiskEngine | Integrate VEX gate provider and ensure gating short-circuits scoring as configured (Deps: RISK-ENGINE-67-001) |
|
||||
| SPRINT_129_policy_reasoning | RISK-ENGINE-67-003 | TODO | Risk Engine Guild, Policy Engine Guild | src/RiskEngine/StellaOps.RiskEngine | Add fix availability, asset criticality, and internet exposure providers with caching + TTL enforcement (Deps: RISK-ENGINE-67-002) |
|
||||
| SPRINT_129_policy_reasoning | RISK-ENGINE-68-001 | TODO | Risk Engine Guild, Findings Ledger Guild | src/RiskEngine/StellaOps.RiskEngine | Persist scoring results + explanation pointers to Findings Ledger; handle incremental updates via input hash (Deps: RISK-ENGINE-67-003) |
|
||||
| SPRINT_129_policy_reasoning | RISK-ENGINE-68-002 | TODO | Risk Engine Guild, API Guild | src/RiskEngine/StellaOps.RiskEngine | Expose APIs (`/risk/jobs`, `/risk/results`, `/risk/results/{id}/explanation`); include pagination, filtering, error codes (Deps: RISK-ENGINE-68-001) |
|
||||
| SPRINT_129_policy_reasoning | RISK-ENGINE-69-001 | TODO | Risk Engine Guild, Policy Studio Guild | src/RiskEngine/StellaOps.RiskEngine | Implement simulation mode producing distributions and top movers without mutating ledger (Deps: RISK-ENGINE-68-002) |
|
||||
| SPRINT_129_policy_reasoning | RISK-ENGINE-69-002 | TODO | Risk Engine Guild, Observability Guild | src/RiskEngine/StellaOps.RiskEngine | Add telemetry (spans, metrics, logs) for provider latency, job throughput, cache hits; define SLO dashboards (Deps: RISK-ENGINE-69-001) |
|
||||
| SPRINT_129_policy_reasoning | RISK-ENGINE-70-001 | TODO | Risk Engine Guild, Export Guild | src/RiskEngine/StellaOps.RiskEngine | Support offline provider bundles with manifest verification and missing-data reporting (Deps: RISK-ENGINE-69-002) |
|
||||
| SPRINT_129_policy_reasoning | RISK-ENGINE-70-002 | TODO | Risk Engine Guild, Observability Guild | src/RiskEngine/StellaOps.RiskEngine | Integrate runtime evidence provider and reachability provider outputs with caching + TTL (Deps: RISK-ENGINE-70-001) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-30-001 | TODO | VEX Lens Guild | src/VexLens/StellaOps.VexLens | Implement normalization pipeline for CSAF VEX, OpenVEX, CycloneDX VEX (status mapping, justification mapping, product tree parsing) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-30-002 | TODO | VEX Lens Guild | src/VexLens/StellaOps.VexLens | Build product mapping library (CPE/CPE2.3/vendor tokens → purl/version) with scope quality scoring and path metadata (Deps: VEXLENS-30-001) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-30-003 | TODO | VEX Lens Guild, Issuer Directory Guild | src/VexLens/StellaOps.VexLens | Integrate signature verification (Ed25519, DSSE, PKIX) using issuer keys, annotate evidence with verification state and failure reasons (Deps: VEXLENS-30-002) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-30-004 | TODO | VEX Lens Guild, Policy Guild | src/VexLens/StellaOps.VexLens | Implement trust weighting engine (issuer base weights, signature modifiers, recency decay, justification modifiers, scope score adjustments) controlled by policy config (Deps: VEXLENS-30-003) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-30-005 | TODO | VEX Lens Guild | src/VexLens/StellaOps.VexLens | Implement consensus algorithm producing `consensus_state`, `confidence`, `weights`, `quorum`, `rationale`; support states: NOT_AFFECTED, AFFECTED, FIXED, UNDER_INVESTIGATION, DISPUTED, INCONCLUSIVE (Deps: VEXLENS-30-004) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-30-006 | TODO | VEX Lens Guild, Findings Ledger Guild | src/VexLens/StellaOps.VexLens | Materialize consensus projection storage with idempotent workers triggered by VEX/Policy changes; expose change events for downstream consumers (Deps: VEXLENS-30-005) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-30-007 | TODO | VEX Lens Guild | src/VexLens/StellaOps.VexLens | Expose APIs (`/vex/consensus`, `/vex/consensus/query`, `/vex/consensus/{id}`, `/vex/consensus/simulate`, `/vex/consensus/export`) with pagination, cost budgets, and OpenAPI docs (Deps: VEXLENS-30-006) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-30-008 | TODO | VEX Lens Guild, Policy Guild | src/VexLens/StellaOps.VexLens | Integrate consensus signals with Policy Engine (thresholds, suppression, simulation inputs) and Vuln Explorer detail view (Deps: VEXLENS-30-007) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-30-009 | TODO | VEX Lens Guild, Observability Guild | src/VexLens/StellaOps.VexLens | Instrument metrics (`vex_consensus_compute_latency`, `vex_consensus_disputed_total`, `vex_signature_verification_rate`), structured logs, and traces; publish dashboards/alerts (Deps: VEXLENS-30-008) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-30-010 | TODO | VEX Lens Guild, QA Guild | src/VexLens/StellaOps.VexLens | Develop unit/property/integration/load tests (10M records), determinism harness, fuzz testing for malformed product trees (Deps: VEXLENS-30-009) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-30-011 | TODO | VEX Lens Guild, DevOps Guild | src/VexLens/StellaOps.VexLens | Provide deployment manifests, caching configuration, scaling guides, offline kit seeds, and runbooks (Deps: VEXLENS-30-010) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-AIAI-31-001 | TODO | VEX Lens Guild | src/VexLens/StellaOps.VexLens | Expose consensus rationale API enhancements (policy factors, issuer details, mapping issues) for Advisory AI conflict explanations |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-AIAI-31-002 | TODO | VEX Lens Guild | src/VexLens/StellaOps.VexLens | Provide caching hooks for consensus lookups used by Advisory AI (batch endpoints, TTL hints) (Deps: VEXLENS-AIAI-31-001) |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-EXPORT-35-001 | TODO | VEX Lens Guild | src/VexLens/StellaOps.VexLens | Provide consensus snapshot API delivering deterministic JSONL (state, confidence, provenance) for exporter mirror bundles |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-ORCH-33-001 | TODO | VEX Lens Guild | src/VexLens/StellaOps.VexLens | Register `consensus_compute` job type with orchestrator, integrate worker SDK, and expose job planning hooks for consensus batches |
|
||||
| SPRINT_129_policy_reasoning | VEXLENS-ORCH-34-001 | TODO | VEX Lens Guild | src/VexLens/StellaOps.VexLens | Emit consensus completion events into orchestrator run ledger and provenance chain, including confidence metadata (Deps: VEXLENS-ORCH-33-001) |
|
||||
| SPRINT_129_policy_reasoning | VULN-API-29-001 | TODO | Vuln Explorer API Guild | src/VulnExplorer/StellaOps.VulnExplorer.Api | Define OpenAPI spec (list/detail/query/simulation/workflow/export), query JSON schema, pagination/grouping contracts, and error codes |
|
||||
| SPRINT_129_policy_reasoning | VULN-API-29-002 | TODO | Vuln Explorer API Guild | src/VulnExplorer/StellaOps.VulnExplorer.Api | Implement list/query endpoints with policy parameter, grouping, server paging, caching, and cost budgets (Deps: VULN-API-29-001) |
|
||||
| SPRINT_129_policy_reasoning | VULN-API-29-003 | TODO | Vuln Explorer API Guild | src/VulnExplorer/StellaOps.VulnExplorer.Api | Implement detail endpoint aggregating evidence, policy rationale, paths (Graph Explorer deep link), and workflow summary (Deps: VULN-API-29-002) |
|
||||
| SPRINT_129_policy_reasoning | VULN-API-29-004 | TODO | Vuln Explorer API Guild, Findings Ledger Guild | src/VulnExplorer/StellaOps.VulnExplorer.Api | Expose workflow endpoints (assign, comment, accept-risk, verify-fix, target-fix, reopen) that write ledger events with idempotency + validation (Deps: VULN-API-29-003) |
|
||||
| SPRINT_129_policy_reasoning | VULN-API-29-005 | TODO | Vuln Explorer API Guild, Policy Guild | src/VulnExplorer/StellaOps.VulnExplorer.Api | Implement simulation endpoint comparing `policy_from` vs `policy_to`, returning diffs without side effects; hook into Policy Engine batch eval (Deps: VULN-API-29-004) |
|
||||
| SPRINT_129_policy_reasoning | VULN-API-29-006 | TODO | Vuln Explorer API Guild | src/VulnExplorer/StellaOps.VulnExplorer.Api | Integrate resolver results with Graph Explorer: include shortest path metadata, line up deep-link parameters, expose `paths` array in details (Deps: VULN-API-29-005) |
|
||||
| SPRINT_129_policy_reasoning | VULN-API-29-007 | TODO | Vuln Explorer API Guild, Security Guild | src/VulnExplorer/StellaOps.VulnExplorer.Api | Enforce RBAC/ABAC scopes; implement CSRF/anti-forgery checks for Console; secure attachment URLs; audit logging (Deps: VULN-API-29-006) |
|
||||
| SPRINT_129_policy_reasoning | VULN-API-29-008 | TODO | Vuln Explorer API Guild | src/VulnExplorer/StellaOps.VulnExplorer.Api | Build export orchestrator producing signed bundles (manifest, NDJSON, checksums, signature). Integrate with Findings Ledger for evidence and Policy Engine metadata (Deps: VULN-API-29-007) |
|
||||
| SPRINT_129_policy_reasoning | VULN-API-29-009 | TODO | Vuln Explorer API Guild, Observability Guild | src/VulnExplorer/StellaOps.VulnExplorer.Api | Instrument metrics (`vuln_list_latency`, `vuln_simulation_latency`, `vuln_export_duration`, `vuln_workflow_events_total`), structured logs, and traces; publish dashboards/alerts (Deps: VULN-API-29-008) |
|
||||
| SPRINT_129_policy_reasoning | VULN-API-29-010 | TODO | Vuln Explorer API Guild, QA Guild | src/VulnExplorer/StellaOps.VulnExplorer.Api | Provide unit/integration/perf tests (5M findings), fuzz query validation, determinism harness comparing repeated queries (Deps: VULN-API-29-009) |
|
||||
| SPRINT_129_policy_reasoning | VULN-API-29-011 | TODO | Vuln Explorer API Guild, DevOps Guild | src/VulnExplorer/StellaOps.VulnExplorer.Api | Package deployment (Helm/Compose), health checks, CI smoke, offline kit steps, and scaling guidance (Deps: VULN-API-29-010) |
|
||||
| SPRINT_131_scanner_surface | `SCANNER-ANALYZERS-DENO-26-009` | TODO | Deno Analyzer Guild, Signals Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Deno) | | SCANNER-ANALYZERS-DENO-26-008 |
|
||||
| SPRINT_131_scanner_surface | `SCANNER-ANALYZERS-DENO-26-010` | TODO | Deno Analyzer Guild, DevOps Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Deno) | | SCANNER-ANALYZERS-DENO-26-009 |
|
||||
| SPRINT_131_scanner_surface | `SCANNER-ANALYZERS-DENO-26-011` | TODO | Deno Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Deno) | | SCANNER-ANALYZERS-DENO-26-010 |
|
||||
| SPRINT_131_scanner_surface | `SCANNER-ANALYZERS-JAVA-21-005` | TODO | Java Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Java) | | — |
|
||||
| SPRINT_131_scanner_surface | `SCANNER-ANALYZERS-JAVA-21-006` | TODO | Java Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Java) | | SCANNER-ANALYZERS-JAVA-21-005 |
|
||||
| SPRINT_131_scanner_surface | `SCANNER-ANALYZERS-JAVA-21-007` | TODO | Java Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Java) | | SCANNER-ANALYZERS-JAVA-21-006 |
|
||||
| SPRINT_131_scanner_surface | `SCANNER-ANALYZERS-JAVA-21-008` | BLOCKED (2025-10-27) | Java Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Java) | | SCANNER-ANALYZERS-JAVA-21-007 |
|
||||
| SPRINT_131_scanner_surface | `SCANNER-ANALYZERS-JAVA-21-009` | TODO | Java Analyzer Guild, QA Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Java) | | SCANNER-ANALYZERS-JAVA-21-008 |
|
||||
| SPRINT_131_scanner_surface | `SCANNER-ANALYZERS-JAVA-21-010` | TODO | Java Analyzer Guild, Signals Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Java) | | SCANNER-ANALYZERS-JAVA-21-009 |
|
||||
| SPRINT_131_scanner_surface | `SCANNER-ANALYZERS-JAVA-21-011` | TODO | Java Analyzer Guild, DevOps Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Java) | | SCANNER-ANALYZERS-JAVA-21-010 |
|
||||
| SPRINT_131_scanner_surface | `SCANNER-ANALYZERS-LANG-11-001` | TODO | StellaOps.Scanner EPDR Guild, Language Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.DotNet) | | SCANNER-ANALYZERS-LANG-10-309R |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-LANG-11-002` | TODO | StellaOps.Scanner EPDR Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.DotNet) | | SCANNER-ANALYZERS-LANG-11-001 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-LANG-11-003` | TODO | StellaOps.Scanner EPDR Guild, Signals Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.DotNet) | | SCANNER-ANALYZERS-LANG-11-002 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-LANG-11-004` | TODO | StellaOps.Scanner EPDR Guild, SBOM Service Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.DotNet) | | SCANNER-ANALYZERS-LANG-11-003 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-LANG-11-005` | TODO | StellaOps.Scanner EPDR Guild, QA Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.DotNet) | | SCANNER-ANALYZERS-LANG-11-004 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NATIVE-20-001` | TODO | Native Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Native) | | — |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NATIVE-20-002` | TODO | Native Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Native) | | SCANNER-ANALYZERS-NATIVE-20-001 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NATIVE-20-003` | TODO | Native Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Native) | | SCANNER-ANALYZERS-NATIVE-20-002 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NATIVE-20-004` | TODO | Native Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Native) | | SCANNER-ANALYZERS-NATIVE-20-003 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NATIVE-20-005` | TODO | Native Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Native) | | SCANNER-ANALYZERS-NATIVE-20-004 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NATIVE-20-006` | TODO | Native Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Native) | | SCANNER-ANALYZERS-NATIVE-20-005 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NATIVE-20-007` | TODO | Native Analyzer Guild, SBOM Service Guild (src/Scanner/StellaOps.Scanner.Analyzers.Native) | | SCANNER-ANALYZERS-NATIVE-20-006 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NATIVE-20-008` | TODO | Native Analyzer Guild, QA Guild (src/Scanner/StellaOps.Scanner.Analyzers.Native) | | SCANNER-ANALYZERS-NATIVE-20-007 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NATIVE-20-009` | TODO | Native Analyzer Guild, Signals Guild (src/Scanner/StellaOps.Scanner.Analyzers.Native) | | SCANNER-ANALYZERS-NATIVE-20-008 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NATIVE-20-010` | TODO | Native Analyzer Guild, DevOps Guild (src/Scanner/StellaOps.Scanner.Analyzers.Native) | | SCANNER-ANALYZERS-NATIVE-20-009 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NODE-22-001` | TODO | Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) | | — |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NODE-22-002` | TODO | Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) | | SCANNER-ANALYZERS-NODE-22-001 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NODE-22-003` | TODO | Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) | | SCANNER-ANALYZERS-NODE-22-002 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NODE-22-004` | TODO | Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) | | SCANNER-ANALYZERS-NODE-22-003 |
|
||||
| SPRINT_132_scanner_surface | `SCANNER-ANALYZERS-NODE-22-005` | TODO | Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) | | SCANNER-ANALYZERS-NODE-22-004 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-NODE-22-006` | TODO | Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) | | SCANNER-ANALYZERS-NODE-22-005 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-NODE-22-007` | TODO | Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) | | SCANNER-ANALYZERS-NODE-22-006 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-NODE-22-008` | TODO | Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) | | SCANNER-ANALYZERS-NODE-22-007 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-NODE-22-009` | TODO | Node Analyzer Guild, QA Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) | | SCANNER-ANALYZERS-NODE-22-008 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-NODE-22-010` | TODO | Node Analyzer Guild, Signals Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) | | SCANNER-ANALYZERS-NODE-22-009 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-NODE-22-011` | TODO | Node Analyzer Guild, DevOps Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) | | SCANNER-ANALYZERS-NODE-22-010 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-NODE-22-012` | TODO | Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) | | SCANNER-ANALYZERS-NODE-22-011 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-PHP-27-001` | TODO | PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | — |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-PHP-27-002` | TODO | PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | SCANNER-ANALYZERS-PHP-27-001 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-PHP-27-003` | TODO | PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | SCANNER-ANALYZERS-PHP-27-002 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-PHP-27-004` | TODO | PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | SCANNER-ANALYZERS-PHP-27-003 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-PHP-27-005` | TODO | PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | SCANNER-ANALYZERS-PHP-27-004 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-PHP-27-006` | TODO | PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | SCANNER-ANALYZERS-PHP-27-005 |
|
||||
| SPRINT_133_scanner_surface | `SCANNER-ANALYZERS-PHP-27-007` | TODO | PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | SCANNER-ANALYZERS-PHP-27-006 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PHP-27-008` | TODO | PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | SCANNER-ANALYZERS-PHP-27-002 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PHP-27-009` | TODO | PHP Analyzer Guild, QA Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | SCANNER-ANALYZERS-PHP-27-007 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PHP-27-010` | TODO | PHP Analyzer Guild, Signals Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | SCANNER-ANALYZERS-PHP-27-009 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PHP-27-011` | TODO | PHP Analyzer Guild, DevOps Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | SCANNER-ANALYZERS-PHP-27-010 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PHP-27-012` | TODO | PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | SCANNER-ANALYZERS-PHP-27-011 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PYTHON-23-001` | TODO | Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | | — |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PYTHON-23-002` | TODO | Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | | SCANNER-ANALYZERS-PYTHON-23-001 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PYTHON-23-003` | TODO | Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | | SCANNER-ANALYZERS-PYTHON-23-002 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PYTHON-23-004` | TODO | Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | | SCANNER-ANALYZERS-PYTHON-23-003 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PYTHON-23-005` | TODO | Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | | SCANNER-ANALYZERS-PYTHON-23-004 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PYTHON-23-006` | TODO | Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | | SCANNER-ANALYZERS-PYTHON-23-005 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PYTHON-23-007` | TODO | Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | | SCANNER-ANALYZERS-PYTHON-23-006 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PYTHON-23-008` | TODO | Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | | SCANNER-ANALYZERS-PYTHON-23-007 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PYTHON-23-009` | TODO | Python Analyzer Guild, QA Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | | SCANNER-ANALYZERS-PYTHON-23-008 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PYTHON-23-010` | TODO | Python Analyzer Guild, Signals Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | | SCANNER-ANALYZERS-PYTHON-23-009 |
|
||||
| SPRINT_134_scanner_surface | `SCANNER-ANALYZERS-PYTHON-23-011` | TODO | Python Analyzer Guild, DevOps Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | | SCANNER-ANALYZERS-PYTHON-23-010 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-PYTHON-23-012` | TODO | Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | | SCANNER-ANALYZERS-PYTHON-23-011 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-RUBY-28-001` | TODO | Ruby Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby) | | — |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-RUBY-28-002` | TODO | Ruby Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby) | | SCANNER-ANALYZERS-RUBY-28-001 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-RUBY-28-003` | TODO | Ruby Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby) | | SCANNER-ANALYZERS-RUBY-28-002 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-RUBY-28-004` | TODO | Ruby Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby) | | SCANNER-ANALYZERS-RUBY-28-003 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-RUBY-28-005` | TODO | Ruby Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby) | | SCANNER-ANALYZERS-RUBY-28-004 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-RUBY-28-006` | TODO | Ruby Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby) | | SCANNER-ANALYZERS-RUBY-28-005 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-RUBY-28-007` | TODO | Ruby Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby) | | SCANNER-ANALYZERS-RUBY-28-006 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-RUBY-28-008` | TODO | Ruby Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby) | | SCANNER-ANALYZERS-RUBY-28-007 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-RUBY-28-009` | TODO | Ruby Analyzer Guild, QA Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby) | | SCANNER-ANALYZERS-RUBY-28-008 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-RUBY-28-010` | TODO | Ruby Analyzer Guild, Signals Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby) | | SCANNER-ANALYZERS-RUBY-28-009 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-RUBY-28-011` | TODO | Ruby Analyzer Guild, DevOps Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby) | | SCANNER-ANALYZERS-RUBY-28-010 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ANALYZERS-RUBY-28-012` | TODO | Ruby Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby) | | SCANNER-ANALYZERS-RUBY-28-011 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ENTRYTRACE-18-502` | TODO | EntryTrace Guild (src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace) | | SCANNER-ENTRYTRACE-18-508 |
|
||||
| SPRINT_135_scanner_surface | `SCANNER-ENTRYTRACE-18-503` | TODO | EntryTrace Guild (src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace) | | SCANNER-ENTRYTRACE-18-502 |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-EMIT-15-001` | TODO | Scanner Emit Guild (src/Scanner/__Libraries/StellaOps.Scanner.Emit) | | SCANNER-SURFACE-04 |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENG-0020` | TODO | Scanner Guild (docs/modules/scanner) | | — |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENG-0021` | TODO | Scanner Guild (docs/modules/scanner) | | — |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENG-0022` | TODO | Scanner Guild, Policy Guild (docs/modules/scanner) | | — |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENG-0023` | TODO | Scanner Guild, Offline Kit Guild, Policy Guild (docs/modules/scanner) | | — |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENG-0024` | TODO | Scanner Guild (docs/modules/scanner) | | — |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENG-0025` | TODO | Scanner Guild (docs/modules/scanner) | | — |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENG-0026` | TODO | Scanner Guild (docs/modules/scanner) | | — |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENG-0027` | TODO | Scanner Guild, Policy Guild, Offline Kit Guild (docs/modules/scanner) | | — |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENTRYTRACE-18-504` | TODO | EntryTrace Guild (src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace) | | SCANNER-ENTRYTRACE-18-503 |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENTRYTRACE-18-505` | TODO | EntryTrace Guild (src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace) | | SCANNER-ENTRYTRACE-18-504 |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENTRYTRACE-18-506` | TODO | EntryTrace Guild, Scanner WebService Guild (src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace) | | SCANNER-ENTRYTRACE-18-505 |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENV-01` | TODO (2025-11-06) | Scanner Worker Guild (src/Scanner/StellaOps.Scanner.Worker) | | — |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENV-02` | TODO (2025-11-06) | Scanner WebService Guild, Ops Guild (src/Scanner/StellaOps.Scanner.WebService) | | SCANNER-ENV-01 |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-ENV-03` | TODO | BuildX Plugin Guild (src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin) | | SCANNER-ENV-02 |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-EVENTS-16-301` | BLOCKED (2025-10-26) | Scanner WebService Guild (src/Scanner/StellaOps.Scanner.WebService) | | — |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-GRAPH-21-001` | TODO | Scanner WebService Guild, Cartographer Guild (src/Scanner/StellaOps.Scanner.WebService) | | — |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-LNM-21-001` | TODO | Scanner WebService Guild, Policy Guild (src/Scanner/StellaOps.Scanner.WebService) | | — |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-LNM-21-002` | TODO | Scanner WebService Guild, UI Guild (src/Scanner/StellaOps.Scanner.WebService) | | SCANNER-LNM-21-001 |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-SECRETS-03` | TODO | BuildX Plugin Guild, Security Guild (src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin) | | SCANNER-SECRETS-02 |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-SORT-02` | TODO | Scanner Core Guild (src/Scanner/__Libraries/StellaOps.Scanner.Core) | | SCANNER-EMIT-15-001 |
|
||||
| SPRINT_136_scanner_surface | `SCANNER-SURFACE-04` | TODO | Scanner Worker Guild (src/Scanner/StellaOps.Scanner.Worker) | | SCANNER-SURFACE-01, SURFACE-FS-03 |
|
||||
| SPRINT_136_scanner_surface | `SCHED-SURFACE-02` | TODO | Scheduler Worker Guild (src/Scheduler/__Libraries/StellaOps.Scheduler.Worker) | | SURFACE-FS-02, SCHED-SURFACE-01. Reference `docs/modules/scanner/design/surface-fs-consumers.md` §3 for implementation checklist |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-ENV-02` | DOING (2025-11-02) | Scanner Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Env) | | SURFACE-ENV-01 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-ENV-03` | TODO | Scanner Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Env) | | SURFACE-ENV-02 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-ENV-04` | TODO | Zastava Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Env) | | SURFACE-ENV-02 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-ENV-05` | TODO | Ops Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Env) | | SURFACE-ENV-03, SURFACE-ENV-04 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-FS-03` | TODO | Scanner Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.FS) | | SURFACE-FS-02 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-FS-04` | TODO | Zastava Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.FS) | | SURFACE-FS-02 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-FS-05` | TODO | Scanner Guild, Scheduler Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.FS) | | SURFACE-FS-03 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-FS-06` | TODO | Docs Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.FS) | | SURFACE-FS-02..05 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-FS-07` | TODO | Scanner Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.FS) | | SCANNER-SURFACE-04 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-SECRETS-01` | DOING (2025-11-02) | Scanner Guild, Security Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Secrets) | | — |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-SECRETS-02` | DOING (2025-11-02) | Scanner Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Secrets) | | SURFACE-SECRETS-01 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-SECRETS-03` | TODO | Scanner Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Secrets) | | SURFACE-SECRETS-02 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-SECRETS-04` | TODO | Scanner Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Secrets) | | SURFACE-SECRETS-02 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-SECRETS-05` | TODO | Zastava Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Secrets) | | SURFACE-SECRETS-02 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-SECRETS-06` | TODO | Ops Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Secrets) | | SURFACE-SECRETS-03 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-VAL-01` | DOING (2025-11-01) | Scanner Guild, Security Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation) | | SURFACE-FS-01, SURFACE-ENV-01 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-VAL-02` | TODO | Scanner Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation) | | SURFACE-VAL-01, SURFACE-ENV-02, SURFACE-FS-02 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-VAL-03` | TODO | Scanner Guild, Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation) | | SURFACE-VAL-02 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-VAL-04` | TODO | Scanner Guild, Zastava Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation) | | SURFACE-VAL-02 |
|
||||
| SPRINT_136_scanner_surface | `SURFACE-VAL-05` | TODO | Docs Guild (src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation) | | SURFACE-VAL-02 |
|
||||
| SPRINT_136_scanner_surface | `ZASTAVA-SURFACE-02` | TODO | Zastava Observer Guild (src/Zastava/StellaOps.Zastava.Observer) | | SURFACE-FS-02, ZASTAVA-SURFACE-01. Reference `docs/modules/scanner/design/surface-fs-consumers.md` §4 for integration steps |
|
||||
| SPRINT_138_scanner_ruby_parity | `SCANNER-ENG-0008` | TODO | EntryTrace Guild, QA Guild (src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace) | | — |
|
||||
| SPRINT_138_scanner_ruby_parity | `SCANNER-ENG-0010` | TODO | PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | | SCANNER-ANALYZERS-PHP-27-001..012 |
|
||||
| SPRINT_138_scanner_ruby_parity | `SCANNER-ENG-0011` | TODO | Language Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Deno) | | — |
|
||||
| SPRINT_138_scanner_ruby_parity | `SCANNER-ENG-0012` | TODO | Language Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Dart) | | — |
|
||||
| SPRINT_138_scanner_ruby_parity | `SCANNER-ENG-0013` | TODO | Swift Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Swift) | | — |
|
||||
| SPRINT_138_scanner_ruby_parity | `SCANNER-ENG-0014` | TODO | Runtime Guild, Zastava Guild (docs/modules/scanner) | | — |
|
||||
| SPRINT_140_runtime_signals | GRAPH-INDEX-28-007 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | GRAPH-INDEX-28-008 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | GRAPH-INDEX-28-009 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | GRAPH-INDEX-28-010 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-AIAI-31-001 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-AIAI-31-002 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-CONSOLE-23-001 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-CONSOLE-23-002 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-ORCH-32-001 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-ORCH-33-001 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-ORCH-34-001 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-SERVICE-21-001 | BLOCKED | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-SERVICE-21-002 | BLOCKED | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-SERVICE-21-003 | BLOCKED | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-SERVICE-21-004 | BLOCKED | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-SERVICE-23-001 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-SERVICE-23-002 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-VULN-29-001 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | SBOM-VULN-29-002 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | SIGNALS-24-002 | DOING (2025-11-07) | | | |
|
||||
| SPRINT_140_runtime_signals | SIGNALS-24-003 | DOING (2025-11-09) | | | |
|
||||
| SPRINT_140_runtime_signals | SIGNALS-24-004 | BLOCKED (2025-10-27) | | | |
|
||||
| SPRINT_140_runtime_signals | SIGNALS-24-005 | BLOCKED (2025-10-27) | | | |
|
||||
| SPRINT_140_runtime_signals | ZASTAVA-ENV-01 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | ZASTAVA-ENV-02 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | ZASTAVA-SECRETS-01 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | ZASTAVA-SECRETS-02 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | ZASTAVA-SURFACE-01 | TODO | | | |
|
||||
| SPRINT_140_runtime_signals | ZASTAVA-SURFACE-02 | TODO | | | |
|
||||
| SPRINT_160_export_evidence | CLI-REPLAY-187-002 | TODO | CLI Guild · `docs/modules/cli/architecture.md` | | |
|
||||
| SPRINT_160_export_evidence | DVOFF-64-002 | TODO | DevPortal Offline + AirGap Controller Guilds | | |
|
||||
| SPRINT_160_export_evidence | EVID-CRYPTO-90-001 | TODO | Evidence Locker + Security Guilds · `ICryptoProviderRegistry` integration | | |
|
||||
| SPRINT_160_export_evidence | EVID-REPLAY-187-001 | TODO | Evidence Locker Guild · docs/modules/evidence-locker/architecture.md | | |
|
||||
| SPRINT_160_export_evidence | EXPORT-AIRGAP-56-001/002 | TODO | Exporter + Mirror Creator + DevOps Guilds | | |
|
||||
| SPRINT_160_export_evidence | EXPORT-AIRGAP-57-001 | TODO | Exporter Service + Evidence Locker Guild | | |
|
||||
| SPRINT_160_export_evidence | EXPORT-ATTEST-74-001/002 | TODO | Attestation Bundle + Exporter Guilds | | |
|
||||
| SPRINT_160_export_evidence | EXPORT-ATTEST-75-001/002 | TODO | Attestation Bundle + CLI + Exporter Guilds | | |
|
||||
| SPRINT_160_export_evidence | EXPORT-CRYPTO-90-001 | TODO | Exporter Service + Security Guilds | | |
|
||||
| SPRINT_160_export_evidence | EXPORT-OAS-61/62/63 | TODO | Exporter Service + API Governance + SDK Guilds | | |
|
||||
| SPRINT_160_export_evidence | RUNBOOK-REPLAY-187-004 | TODO | Docs/Ops Guild · `/docs/runbooks/replay_ops.md` | | |
|
||||
| SPRINT_160_export_evidence | TIMELINE-OBS-52-001 | TODO | Timeline Indexer Guild | | |
|
||||
| SPRINT_160_export_evidence | TIMELINE-OBS-52-002 | TODO | Timeline Indexer Guild | | |
|
||||
| SPRINT_160_export_evidence | TIMELINE-OBS-52-003 | TODO | Timeline Indexer Guild | | |
|
||||
| SPRINT_160_export_evidence | TIMELINE-OBS-52-004 | TODO | Timeline Indexer + Security Guilds | | |
|
||||
| SPRINT_160_export_evidence | TIMELINE-OBS-53-001 | TODO | Timeline Indexer + Evidence Locker Guilds | | |
|
||||
| SPRINT_161_evidencelocker | CLI-REPLAY-187-002 | TODO | CLI Guild (`src/Cli/StellaOps.Cli`) | | |
|
||||
| SPRINT_161_evidencelocker | EVID-CRYPTO-90-001 | TODO | Evidence Locker Guild · Security Guild | | |
|
||||
| SPRINT_161_evidencelocker | EVID-OBS-54-002 | TODO | Evidence Locker Guild (`src/EvidenceLocker/StellaOps.EvidenceLocker`) | | |
|
||||
| SPRINT_161_evidencelocker | EVID-REPLAY-187-001 | TODO | Evidence Locker Guild · Replay Delivery Guild | | |
|
||||
| SPRINT_161_evidencelocker | RUNBOOK-REPLAY-187-004 | TODO | Docs Guild · Ops Guild | | |
|
||||
| SPRINT_170_notifications_telemetry | NOTIFY-ATTEST-74-001/002 | **DOING / TODO** | | | |
|
||||
| SPRINT_170_notifications_telemetry | NOTIFY-ATTEST-74-001/74-002 | TODO → DOING (prep) | Notifications Service Guild · Attestor Service Guild | | |
|
||||
| SPRINT_170_notifications_telemetry | NOTIFY-OAS-61-001 → 63-001 | **DOING / TODO** | | | |
|
||||
| SPRINT_170_notifications_telemetry | NOTIFY-OAS-61-001 → NOTIFY-OAS-63-001 | TODO | Notifications Service Guild · API Contracts Guild · SDK Generator Guild | | |
|
||||
| SPRINT_170_notifications_telemetry | NOTIFY-OBS-51-001/55-001 | TODO | Notifications Service Guild · Observability Guild | | |
|
||||
| SPRINT_170_notifications_telemetry | NOTIFY-OBS-51-001/55-001 | TODO | | | |
|
||||
| SPRINT_170_notifications_telemetry | NOTIFY-RISK-66-001 → 68-001 | TODO | | | |
|
||||
| SPRINT_170_notifications_telemetry | NOTIFY-RISK-66-001 → NOTIFY-RISK-68-001 | TODO | Notifications Service Guild · Risk Engine Guild · Policy Guild | | |
|
||||
| SPRINT_170_notifications_telemetry | TELEMETRY-OBS-50-001/002 | **DOING / TODO** | | | |
|
||||
| SPRINT_170_notifications_telemetry | TELEMETRY-OBS-50-001/50-002 | TODO → DOING (scaffolding) | Telemetry Core Guild | | |
|
||||
| SPRINT_170_notifications_telemetry | TELEMETRY-OBS-51-001/002 | TODO | | | |
|
||||
| SPRINT_170_notifications_telemetry | TELEMETRY-OBS-51-001/51-002 | TODO | Telemetry Core Guild · Observability Guild · Security Guild | | |
|
||||
| SPRINT_170_notifications_telemetry | TELEMETRY-OBS-55-001/56-001 | TODO | Telemetry Core Guild · Observability Guild | | |
|
||||
| SPRINT_170_notifications_telemetry | TELEMETRY-OBS-55-001/56-001 | TODO | | | |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-004 | DOING (2025-11-07) | Docs Guild · Console Guild | | DOCS-AIAI-31-003; CONSOLE-VULN-29-001; CONSOLE-VEX-30-001; EXCITITOR-CONSOLE-23-001 |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-005 | BLOCKED (2025-11-03) | Docs Guild · DevEx/CLI Guild | | DOCS-AIAI-31-004; CLI-VULN-29-001; CLI-VEX-30-001 |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-006 | BLOCKED (2025-11-03) | Docs Guild · Policy Guild | | DOCS-AIAI-31-005; POLICY-ENGINE-31-001 |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-008 | BLOCKED (2025-11-03) | Docs Guild · SBOM Service Guild | | DOCS-AIAI-31-007; SBOM-AIAI-31-001 |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-AIAI-31-009 | BLOCKED (2025-11-03) | Docs Guild · DevOps Guild | | DOCS-AIAI-31-008; DEVOPS-AIAI-31-001 |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-AIRGAP-56-001 | TODO | Docs Guild · AirGap Controller Guild | | — |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-AIRGAP-56-002 | TODO | Docs Guild · DevOps Guild | | DOCS-AIRGAP-56-001 |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-AIRGAP-56-003 | TODO | Docs Guild · Exporter Guild | | DOCS-AIRGAP-56-002 |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-AIRGAP-56-004 | TODO | Docs Guild · Deployment Guild | | DOCS-AIRGAP-56-003 |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-AIRGAP-57-001 | TODO | Docs Guild · AirGap Time Guild | | DOCS-AIRGAP-56-004 |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-AIRGAP-57-002 | TODO | Docs Guild · Console Guild | | DOCS-AIRGAP-57-001 |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-CLI-DET-01 | TODO | Docs Guild · DevEx/CLI Guild | | CLI-SBOM-60-001; CLI-SBOM-60-002 |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-POLICY-DET-01 | TODO | Docs Guild · Policy Guild | | POLICY-DET backlog |
|
||||
| SPRINT_301_docs_tasks_md_i | DOCS-SCANNER-DET-01 | DOING (2025-11-09) | Docs Guild · Scanner Guild | | Sprint 136 outputs; scanner determinism fixtures |
|
||||
| SPRINT_401_reachability_evidence_chain | AUTH-REACH-401-005 | TODO | Authority & Signer Guilds (`src/Authority/StellaOps.Authority`, `src/Signer/StellaOps.Signer`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | BENCH-AUTO-401-019 | TODO | Benchmarks Guild (`docs/benchmarks/vex-evidence-playbook.md`, `scripts/bench/**`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | CLI-EDITOR-401-004 | TODO | CLI Guild (`src/Cli/StellaOps.Cli`, `docs/policy/lifecycle.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | CLI-VEX-401-011 | TODO | verify | | |
|
||||
| SPRINT_401_reachability_evidence_chain | DOCS-DSL-401-005 | TODO | Docs Guild (`docs/policy/dsl.md`, `docs/policy/lifecycle.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | DOCS-RUNBOOK-401-017 | TODO | Docs Guild · Ops Guild (`docs/runbooks/reachability-runtime.md`, `docs/reachability/DELIVERY_GUIDE.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | DOCS-VEX-401-012 | TODO | Docs Guild (`docs/benchmarks/vex-evidence-playbook.md`, `bench/README.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | DSSE-CLI-401-021 | TODO | CLI Guild · DevOps Guild (`src/Cli/StellaOps.Cli`, `scripts/ci/attest-*`, `docs/modules/attestor/architecture.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | DSSE-DOCS-401-022 | TODO | Docs Guild · Attestor Guild (`docs/ci/dsse-build-flow.md`, `docs/modules/attestor/architecture.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | DSSE-LIB-401-020 | TODO | Attestor Guild · Platform Guild (`src/Attestor/StellaOps.Attestation`, `src/Attestor/StellaOps.Attestor.Envelope`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | GAP-DOC-008 | TODO | Docs Guild (`docs/reachability/function-level-evidence.md`, `docs/09_API_CLI_REFERENCE.md`, `docs/api/policy.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | GAP-POL-005 | TODO | Policy Guild (`src/Policy/StellaOps.Policy.Engine`, `docs/modules/policy/architecture.md`, `docs/reachability/function-level-evidence.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | GAP-REP-004 | TODO | BE-Base Platform Guild (`src/__Libraries/StellaOps.Replay.Core`, `docs/replay/DETERMINISTIC_REPLAY.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | GAP-SIG-003 | TODO | Signals Guild (`src/Signals/StellaOps.Signals`, `docs/reachability/function-level-evidence.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | GAP-SYM-007 | TODO | Scanner Worker Guild & Docs Guild (`src/Scanner/StellaOps.Scanner.Models`, `docs/modules/scanner/architecture.md`, `docs/reachability/function-level-evidence.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | GAP-VEX-006 | TODO | Policy, Excititor, UI, CLI & Notify Guilds (`docs/modules/excititor/architecture.md`, `src/Cli/StellaOps.Cli`, `src/UI/StellaOps.UI`, `docs/09_API_CLI_REFERENCE.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | GRAPH-CAS-401-001 | TODO | Scanner Worker Guild (`src/Scanner/StellaOps.Scanner.Worker`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | POLICY-ENGINE-401-003 | TODO | Policy Guild (`src/Policy/StellaOps.Policy.Engine`, `docs/modules/policy/architecture.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | POLICY-LIB-401-001 | TODO | Policy Guild (`src/Policy/StellaOps.PolicyDsl`, `docs/policy/dsl.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | POLICY-LIB-401-002 | TODO | Policy Guild, CLI Guild (`tests/Policy/StellaOps.PolicyDsl.Tests`, `policy/default.dsl`, `docs/policy/lifecycle.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | POLICY-VEX-401-006 | TODO | Policy Guild (`src/Policy/StellaOps.Policy.Engine`, `src/Policy/__Libraries/StellaOps.Policy`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | POLICY-VEX-401-010 | TODO | Policy Guild (`src/Policy/StellaOps.Policy.Engine/Vex`, `docs/modules/policy/architecture.md`, `docs/benchmarks/vex-evidence-playbook.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | PROV-BACKFILL-401-029 | DOING | Platform Guild (`docs/provenance/inline-dsse.md`, `scripts/publish_attestation_with_provenance.sh`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | PROV-INDEX-401-030 | TODO | Platform Guild · Ops Guild (`docs/provenance/inline-dsse.md`, `ops/mongo/indices/events_provenance_indices.js`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | QA-DOCS-401-008 | TODO | QA & Docs Guilds (`docs`, `tests/README.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | REACH-LATTICE-401-023 | TODO | Scanner Guild · Policy Guild (`docs/reachability/lattice.md`, `docs/modules/scanner/architecture.md`, `src/Scanner/StellaOps.Scanner.WebService`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | REPLAY-401-004 | TODO | BE-Base Platform Guild (`src/__Libraries/StellaOps.Replay.Core`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | RUNTIME-PROBE-401-010 | TODO | Runtime Signals Guild (`src/Signals/StellaOps.Signals.Runtime`, `ops/probes`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | SCAN-REACH-401-009 | TODO | Scanner Worker Guild (`src/Scanner/StellaOps.Scanner.Worker`, `src/Scanner/__Libraries`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | SCANNER-NATIVE-401-015 | TODO | Scanner Worker Guild (`src/Scanner/__Libraries/StellaOps.Scanner.Symbols.Native`, `src/Scanner/__Libraries/StellaOps.Scanner.CallGraph.Native`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | SIG-STORE-401-016 | TODO | Signals Guild · BE-Base Platform Guild (`src/Signals/StellaOps.Signals`, `src/__Libraries/StellaOps.Replay.Core`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | SIGN-VEX-401-018 | TODO | Signing Guild (`src/Signer/StellaOps.Signer`, `docs/modules/signer/architecture.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | SIGNALS-RUNTIME-401-002 | TODO | Signals Guild (`src/Signals/StellaOps.Signals`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | SIGNALS-SCORING-401-003 | TODO | Signals Guild (`src/Signals/StellaOps.Signals`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | SYMS-BUNDLE-401-014 | TODO | verify | | |
|
||||
| SPRINT_401_reachability_evidence_chain | SYMS-CLIENT-401-012 | TODO | Symbols Guild (`src/Symbols/StellaOps.Symbols.Client`, `src/Scanner/StellaOps.Scanner.Symbolizer`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | SYMS-INGEST-401-013 | TODO | Symbols Guild, DevOps Guild (`src/Symbols/StellaOps.Symbols.Ingestor.Cli`, `docs/specs/SYMBOL_MANIFEST_v1.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | SYMS-SERVER-401-011 | TODO | Symbols Guild (`src/Symbols/StellaOps.Symbols.Server`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | UI-CLI-401-007 | TODO | UI & CLI Guilds (`src/Cli/StellaOps.Cli`, `src/UI/StellaOps.UI`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | UNCERTAINTY-POLICY-401-026 | TODO | Policy Guild · Concelier Guild (`docs/policy/dsl.md`, `docs/uncertainty/README.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | UNCERTAINTY-SCHEMA-401-024 | TODO | Signals Guild (`src/Signals/StellaOps.Signals`, `docs/uncertainty/README.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | UNCERTAINTY-SCORER-401-025 | TODO | Signals Guild (`src/Signals/StellaOps.Signals.Application`, `docs/uncertainty/README.md`) | | |
|
||||
| SPRINT_401_reachability_evidence_chain | UNCERTAINTY-UI-401-027 | TODO | UI Guild · CLI Guild (`src/UI/StellaOps.UI`, `src/Cli/StellaOps.Cli`, `docs/uncertainty/README.md`) | | |
|
||||
28
docs/implplan/templates/sprint-template.md
Normal file
28
docs/implplan/templates/sprint-template.md
Normal file
@@ -0,0 +1,28 @@
|
||||
# Sprint <ID> · <Stream/Topic>
|
||||
|
||||
## Topic & Scope
|
||||
- Replace with a 2–5 bullet summary of what this sprint delivers and why it matters.
|
||||
|
||||
## Dependencies & Concurrency
|
||||
- Upstream sprints or artefacts that must land first.
|
||||
- Confirm peers in the same decade (e.g. 120–129) remain independent.
|
||||
|
||||
## Documentation Prerequisites
|
||||
- List onboarding docs, architecture dossiers, runbooks, ADRs, or experiment notes that contributors must read before flipping any task to `DOING`.
|
||||
|
||||
## Task Board
|
||||
| Task ID | Status | Owner(s) | Dependencies | Notes |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| EXAMPLE-00-001 | TODO | Guild · Team | Upstream contract or sprint | Replace with the real backlog. |
|
||||
|
||||
## Execution Log
|
||||
| Date (UTC) | Update | Owner |
|
||||
| --- | --- | --- |
|
||||
| 2025-11-13 | Example entry describing what moved. | Guild |
|
||||
|
||||
## Decisions & Risks
|
||||
- Pending approvals, blocked schema reviews, or risks with a mitigation plan.
|
||||
|
||||
## Next Checkpoints
|
||||
- Dated meetings, demos, or cross-team alignment calls with the accountable owners.
|
||||
|
||||
Reference in New Issue
Block a user